Merge remote-tracking branch 'origin/features/prune' into features/prune

pull/868/head
Joran Honig 6 years ago
commit d516e31773
  1. 4
      mythril/analysis/modules/base.py
  2. 15
      mythril/analysis/modules/delegatecall.py
  3. 66
      mythril/analysis/modules/dependence_on_predictable_vars.py
  4. 19
      mythril/analysis/modules/deprecated_ops.py
  5. 21
      mythril/analysis/modules/ether_thief.py
  6. 17
      mythril/analysis/modules/exceptions.py
  7. 36
      mythril/analysis/modules/external_calls.py
  8. 142
      mythril/analysis/modules/integer.py
  9. 32
      mythril/analysis/modules/multiple_sends.py
  10. 109
      mythril/analysis/modules/suicide.py
  11. 15
      mythril/analysis/modules/transaction_order_dependence.py
  12. 17
      mythril/analysis/modules/unchecked_retval.py
  13. 73
      mythril/analysis/report.py
  14. 1
      mythril/analysis/security.py
  15. 42
      mythril/analysis/swc_data.py
  16. 2
      mythril/analysis/templates/report_as_markdown.jinja2
  17. 4
      mythril/analysis/templates/report_as_text.jinja2
  18. 1
      mythril/disassembler/disassembly.py
  19. 36
      mythril/ethereum/evmcontract.py
  20. 2
      mythril/ethereum/util.py
  21. 5
      mythril/interfaces/cli.py
  22. 15
      mythril/laser/ethereum/call.py
  23. 1
      mythril/laser/ethereum/svm.py
  24. 10
      mythril/mythril.py
  25. 23
      mythril/solidity/soliditycontract.py
  26. 47
      mythril/support/source_support.py
  27. 7
      mythril/support/truffle.py
  28. 2
      tests/cmd_line_test.py
  29. 19
      tests/report_test.py
  30. 103
      tests/testdata/outputs_expected/calls.sol.o.json
  31. 1
      tests/testdata/outputs_expected/calls.sol.o.jsonv2
  32. 56
      tests/testdata/outputs_expected/calls.sol.o.markdown
  33. 56
      tests/testdata/outputs_expected/calls.sol.o.text
  34. 10
      tests/testdata/outputs_expected/environments.sol.o.json
  35. 6
      tests/testdata/outputs_expected/ether_send.sol.o.json
  36. 1
      tests/testdata/outputs_expected/ether_send.sol.o.jsonv2
  37. 55
      tests/testdata/outputs_expected/exceptions.sol.o.json
  38. 1
      tests/testdata/outputs_expected/exceptions.sol.o.jsonv2
  39. 28
      tests/testdata/outputs_expected/exceptions.sol.o.markdown
  40. 28
      tests/testdata/outputs_expected/exceptions.sol.o.text
  41. 67
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.json
  42. 1
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.jsonv2
  43. 33
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.markdown
  44. 33
      tests/testdata/outputs_expected/kinds_of_calls.sol.o.text
  45. 6
      tests/testdata/outputs_expected/metacoin.sol.o.json
  46. 1
      tests/testdata/outputs_expected/metacoin.sol.o.jsonv2
  47. 19
      tests/testdata/outputs_expected/multi_contracts.sol.o.json
  48. 1
      tests/testdata/outputs_expected/multi_contracts.sol.o.jsonv2
  49. 5
      tests/testdata/outputs_expected/multi_contracts.sol.o.markdown
  50. 5
      tests/testdata/outputs_expected/multi_contracts.sol.o.text
  51. 6
      tests/testdata/outputs_expected/nonascii.sol.o.json
  52. 1
      tests/testdata/outputs_expected/nonascii.sol.o.jsonv2
  53. 19
      tests/testdata/outputs_expected/origin.sol.o.json
  54. 1
      tests/testdata/outputs_expected/origin.sol.o.jsonv2
  55. 5
      tests/testdata/outputs_expected/origin.sol.o.markdown
  56. 5
      tests/testdata/outputs_expected/origin.sol.o.text
  57. 18
      tests/testdata/outputs_expected/overflow.sol.o.json
  58. 40
      tests/testdata/outputs_expected/overflow.sol.o.jsonv2
  59. 12
      tests/testdata/outputs_expected/overflow.sol.o.markdown
  60. 14
      tests/testdata/outputs_expected/overflow.sol.o.text
  61. 43
      tests/testdata/outputs_expected/returnvalue.sol.o.json
  62. 1
      tests/testdata/outputs_expected/returnvalue.sol.o.jsonv2
  63. 21
      tests/testdata/outputs_expected/returnvalue.sol.o.markdown
  64. 21
      tests/testdata/outputs_expected/returnvalue.sol.o.text
  65. 44
      tests/testdata/outputs_expected/rubixi.sol.o.json
  66. 19
      tests/testdata/outputs_expected/suicide.sol.o.json
  67. 1
      tests/testdata/outputs_expected/suicide.sol.o.jsonv2
  68. 7
      tests/testdata/outputs_expected/suicide.sol.o.markdown
  69. 7
      tests/testdata/outputs_expected/suicide.sol.o.text
  70. 18
      tests/testdata/outputs_expected/underflow.sol.o.json
  71. 40
      tests/testdata/outputs_expected/underflow.sol.o.jsonv2
  72. 12
      tests/testdata/outputs_expected/underflow.sol.o.markdown
  73. 14
      tests/testdata/outputs_expected/underflow.sol.o.text
  74. 14
      tests/testdata/outputs_expected/weak_random.sol.o.json

@ -34,7 +34,6 @@ class DetectionModule:
) )
self.entrypoint = entrypoint self.entrypoint = entrypoint
self._issues = [] self._issues = []
self._cache_addresses = {}
@property @property
def issues(self): def issues(self):
@ -45,10 +44,9 @@ class DetectionModule:
def reset_module(self): def reset_module(self):
""" """
Resets issues and cache addresses Resets issues
""" """
self._issues = [] self._issues = []
self._cache_addresses = {}
def execute(self, statespace): def execute(self, statespace):
"""The entry point for execution, which is being called by Mythril. """The entry point for execution, which is being called by Mythril.

@ -82,17 +82,16 @@ def _concrete_call(
address=address, address=address,
swc_id=DELEGATECALL_TO_UNTRUSTED_CONTRACT, swc_id=DELEGATECALL_TO_UNTRUSTED_CONTRACT,
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
title="Call data forwarded with delegatecall()", title="Delegatecall Proxy",
_type="Informational", severity="Low",
description_head="The contract implements a delegatecall proxy.",
description_tail="The smart contract forwards the received calldata via delegatecall. Note that callers"
"can execute arbitrary functions in the callee contract and that the callee contract "
"can access the storage of the calling contract. "
"Make sure that the callee contract is audited properly.",
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
issue.description = (
"This contract forwards its call data via DELEGATECALL in its fallback function. "
"This means that any function in the called contract can be executed. Note that the callee contract will have "
"access to the storage of the calling contract.\n"
)
target = hex(call.to.val) if call.to.type == VarType.CONCRETE else str(call.to) target = hex(call.to.val) if call.to.type == VarType.CONCRETE else str(call.to)
issue.description += "DELEGATECALL target: {}".format(target) issue.description += "DELEGATECALL target: {}".format(target)

@ -8,7 +8,7 @@ from mythril.analysis.call_helpers import get_call_from_state
from mythril.analysis.modules.base import DetectionModule from mythril.analysis.modules.base import DetectionModule
from mythril.analysis.ops import Call, VarType from mythril.analysis.ops import Call, VarType
from mythril.analysis.report import Issue from mythril.analysis.report import Issue
from mythril.analysis.swc_data import PREDICTABLE_VARS_DEPENDENCE, TIMESTAMP_DEPENDENCE from mythril.analysis.swc_data import TIMESTAMP_DEPENDENCE, WEAK_RANDOMNESS
from mythril.exceptions import UnsatError from mythril.exceptions import UnsatError
from mythril.laser.ethereum.state.global_state import GlobalState from mythril.laser.ethereum.state.global_state import GlobalState
@ -23,7 +23,7 @@ class PredictableDependenceModule(DetectionModule):
"""""" """"""
super().__init__( super().__init__(
name="Dependence of Predictable Variables", name="Dependence of Predictable Variables",
swc_id="{} {}".format(TIMESTAMP_DEPENDENCE, PREDICTABLE_VARS_DEPENDENCE), swc_id="{} {}".format(TIMESTAMP_DEPENDENCE, WEAK_RANDOMNESS),
description=( description=(
"Check for CALLs that send >0 Ether as a result of computation " "Check for CALLs that send >0 Ether as a result of computation "
"based on predictable variables such as block.coinbase, " "based on predictable variables such as block.coinbase, "
@ -67,8 +67,9 @@ def _analyze_states(state: GlobalState) -> list:
address = call.state.get_current_instruction()["address"] address = call.state.get_current_instruction()["address"]
description = "In the function `" + call.node.function_name + "` " description = (
description += "the following predictable state variables are used to determine Ether recipient:\n" "The contract sends Ether depending on the values of the following variables:\n"
)
# First check: look for predictable state variables in node & call recipient constraints # First check: look for predictable state variables in node & call recipient constraints
@ -84,20 +85,24 @@ def _analyze_states(state: GlobalState) -> list:
for item in found: for item in found:
description += "- block.{}\n".format(item) description += "- block.{}\n".format(item)
if solve(call): if solve(call):
swc_type = ( swc_id = TIMESTAMP_DEPENDENCE if item == "timestamp" else WEAK_RANDOMNESS
TIMESTAMP_DEPENDENCE
if item == "timestamp" description += (
else PREDICTABLE_VARS_DEPENDENCE "Note that the values of variables like coinbase, gaslimit, block number and timestamp "
"are predictable and/or can be manipulated by a malicious miner. "
"Don't use them for random number generation or to make critical decisions."
) )
issue = Issue( issue = Issue(
contract=call.node.contract_name, contract=call.node.contract_name,
function_name=call.node.function_name, function_name=call.node.function_name,
address=address, address=address,
swc_id=swc_type, swc_id=swc_id,
bytecode=call.state.environment.code.bytecode, bytecode=call.state.environment.code.bytecode,
title="Dependence on predictable environment variable", title="Dependence on predictable environment variable",
_type="Warning", severity="Low",
description=description, description_head="Sending of Ether depends on a predictable variable.",
description_tail=description,
gas_used=( gas_used=(
call.state.mstate.min_gas_used, call.state.mstate.min_gas_used,
call.state.mstate.max_gas_used, call.state.mstate.max_gas_used,
@ -109,7 +114,6 @@ def _analyze_states(state: GlobalState) -> list:
for constraint in call.node.constraints[:] + [call.to]: for constraint in call.node.constraints[:] + [call.to]:
if "blockhash" in str(constraint): if "blockhash" in str(constraint):
description = "In the function `" + call.node.function_name + "` "
if "number" in str(constraint): if "number" in str(constraint):
m = re.search(r"blockhash\w+(\s-\s(\d+))*", str(constraint)) m = re.search(r"blockhash\w+(\s-\s(\d+))*", str(constraint))
if m and solve(call): if m and solve(call):
@ -117,8 +121,8 @@ def _analyze_states(state: GlobalState) -> list:
found = m.group(1) found = m.group(1)
if found: # block.blockhash(block.number - N) if found: # block.blockhash(block.number - N)
description += ( description = (
"predictable expression 'block.blockhash(block.number - " "The predictable expression 'block.blockhash(block.number - "
+ m.group(2) + m.group(2)
+ ")' is used to determine Ether recipient" + ")' is used to determine Ether recipient"
) )
@ -129,13 +133,13 @@ def _analyze_states(state: GlobalState) -> list:
elif "storage" in str( elif "storage" in str(
constraint constraint
): # block.blockhash(block.number - storage_0) ): # block.blockhash(block.number - storage_0)
description += ( description = (
"predictable expression 'block.blockhash(block.number - " "The predictable expression 'block.blockhash(block.number - "
+ "some_storage_var)' is used to determine Ether recipient" + "some_storage_var)' is used to determine Ether recipient"
) )
else: # block.blockhash(block.number) else: # block.blockhash(block.number)
description += ( description = (
"predictable expression 'block.blockhash(block.number)'" "The predictable expression 'block.blockhash(block.number)'"
+ " is used to determine Ether recipient" + " is used to determine Ether recipient"
) )
description += ", this expression will always be equal to zero." description += ", this expression will always be equal to zero."
@ -145,10 +149,11 @@ def _analyze_states(state: GlobalState) -> list:
function_name=call.node.function_name, function_name=call.node.function_name,
address=address, address=address,
bytecode=call.state.environment.code.bytecode, bytecode=call.state.environment.code.bytecode,
title="Dependence on predictable variable", title="Dependence on Predictable Variable",
_type="Warning", severity="Low",
description=description, description_head="Sending of Ether depends on the blockhash.",
swc_id=PREDICTABLE_VARS_DEPENDENCE, description_tail=description,
swc_id=WEAK_RANDOMNESS,
gas_used=( gas_used=(
call.state.mstate.min_gas_used, call.state.mstate.min_gas_used,
call.state.mstate.max_gas_used, call.state.mstate.max_gas_used,
@ -174,19 +179,22 @@ def _analyze_states(state: GlobalState) -> list:
index = r.group(1) index = r.group(1)
if index and solve(call): if index and solve(call):
description += ( description = (
"block.blockhash() is calculated using a value from storage " "A block hash is calculated using the block.blockhash(uint blockNumber) method. "
"at index {}".format(index) "The block number is obtained from storage index {}".format(
index
)
) )
issue = Issue( issue = Issue(
contract=call.node.contract_name, contract=call.node.contract_name,
function_name=call.node.function_name, function_name=call.node.function_name,
address=address, address=address,
bytecode=call.state.environment.code.bytecode, bytecode=call.state.environment.code.bytecode,
title="Dependence on predictable variable", title="Dependence on Predictable Variable",
_type="Informational", severity="Low",
description=description, description_head="Sending of Ether depends on the blockhash.",
swc_id=PREDICTABLE_VARS_DEPENDENCE, description_tail=description,
swc_id=WEAK_RANDOMNESS,
gas_used=( gas_used=(
call.state.mstate.min_gas_used, call.state.mstate.min_gas_used,
call.state.mstate.max_gas_used, call.state.mstate.max_gas_used,

@ -24,8 +24,10 @@ def _analyze_state(state):
if instruction["opcode"] == "ORIGIN": if instruction["opcode"] == "ORIGIN":
log.debug("ORIGIN in function " + node.function_name) log.debug("ORIGIN in function " + node.function_name)
title = "Use of tx.origin" title = "Use of tx.origin"
description = ( description_head = "Use of tx.origin is deprecated."
"The function `{}` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. " description_tail = (
"The smart contract retrieves the transaction origin (tx.origin) using msg.origin. "
"Use of msg.origin is deprecated and the instruction may be removed in the future. "
"Use msg.sender instead.\nSee also: " "Use msg.sender instead.\nSee also: "
"https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin".format( "https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin".format(
node.function_name node.function_name
@ -36,9 +38,11 @@ def _analyze_state(state):
elif instruction["opcode"] == "CALLCODE": elif instruction["opcode"] == "CALLCODE":
log.debug("CALLCODE in function " + node.function_name) log.debug("CALLCODE in function " + node.function_name)
title = "Use of callcode" title = "Use of callcode"
description = ( description_head = "Use of callcode is deprecated."
"The function `{}` uses callcode. Callcode does not persist sender or value over the call. " description_tail = (
"Use delegatecall instead.".format(node.function_name) "The callcode method executes code of another contract in the context of the caller account. "
"Due to a bug in the implementation it does not persist sender and value over the call. It was "
"therefore deprecated and may be removed in the future. Use the delegatecall method instead."
) )
swc_id = DEPRICATED_FUNCTIONS_USAGE swc_id = DEPRICATED_FUNCTIONS_USAGE
@ -48,9 +52,10 @@ def _analyze_state(state):
address=instruction["address"], address=instruction["address"],
title=title, title=title,
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
_type="Warning",
swc_id=swc_id, swc_id=swc_id,
description=description, severity="Medium",
description_head=description_head,
description_tail=description_tail,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
return [issue] return [issue]

@ -1,6 +1,7 @@
"""This module contains the detection code for unauthorized ether """This module contains the detection code for unauthorized ether
withdrawal.""" withdrawal."""
import logging import logging
import json
from copy import copy from copy import copy
from mythril.analysis import solver from mythril.analysis import solver
@ -40,6 +41,15 @@ class EtherThief(DetectionModule):
entrypoint="callback", entrypoint="callback",
pre_hooks=["CALL"], pre_hooks=["CALL"],
) )
self._cache_addresses = {}
def reset_module(self):
"""
Resets the module by clearing everything
:return:
"""
super().reset_module()
self._cache_addresses = {}
def execute(self, state: GlobalState): def execute(self, state: GlobalState):
""" """
@ -88,17 +98,18 @@ class EtherThief(DetectionModule):
transaction_sequence = solver.get_transaction_sequence(state, constraints) transaction_sequence = solver.get_transaction_sequence(state, constraints)
debug = str(transaction_sequence) debug = json.dumps(transaction_sequence, indent=4)
issue = Issue( issue = Issue(
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=address, address=instruction["address"],
swc_id=UNPROTECTED_ETHER_WITHDRAWAL, swc_id=UNPROTECTED_ETHER_WITHDRAWAL,
title="Ether thief", title="Unprotected Ether Withdrawal",
_type="Warning", severity="High",
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
description="Arbitrary senders other than the contract creator can withdraw ETH from the contract" description_head="Anyone can withdraw ETH from the contract account.",
description_tail="Arbitrary senders other than the contract creator can withdraw ETH from the contract"
+ " account without previously having sent an equivalent amount of ETH to it. This is likely to be" + " account without previously having sent an equivalent amount of ETH to it. This is likely to be"
+ " a vulnerability.", + " a vulnerability.",
debug=debug, debug=debug,

@ -1,5 +1,6 @@
"""This module contains the detection code for reachable exceptions.""" """This module contains the detection code for reachable exceptions."""
import logging import logging
import json
from mythril.analysis import solver from mythril.analysis import solver
from mythril.analysis.modules.base import DetectionModule from mythril.analysis.modules.base import DetectionModule
@ -25,24 +26,26 @@ def _analyze_state(state) -> list:
try: try:
address = state.get_current_instruction()["address"] address = state.get_current_instruction()["address"]
description = ( description_tail = (
"A reachable exception (opcode 0xfe) has been detected. " "It is possible to trigger an exception (opcode 0xfe). "
"This can be caused by type errors, division by zero, " "Exceptions can be caused by type errors, division by zero, "
"out-of-bounds array access, or assert violations. " "out-of-bounds array access, or assert violations. "
"Note that explicit `assert()` should only be used to check invariants. " "Note that explicit `assert()` should only be used to check invariants. "
"Use `require()` for regular input checking." "Use `require()` for regular input checking."
) )
debug = str(solver.get_transaction_sequence(state, node.constraints)) transaction_sequence = solver.get_transaction_sequence(state, node.constraints)
debug = json.dumps(transaction_sequence, indent=4)
issue = Issue( issue = Issue(
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=address, address=address,
swc_id=ASSERT_VIOLATION, swc_id=ASSERT_VIOLATION,
title="Exception state", title="Exception State",
_type="Informational", severity="Low",
description=description, description_head="A reachable exception has been detected.",
description_tail=description_tail,
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
debug=debug, debug=debug,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),

@ -9,6 +9,7 @@ from mythril.laser.smt import UGT, symbol_factory
from mythril.laser.ethereum.state.global_state import GlobalState from mythril.laser.ethereum.state.global_state import GlobalState
from mythril.exceptions import UnsatError from mythril.exceptions import UnsatError
import logging import logging
import json
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@ -45,11 +46,13 @@ def _analyze_state(state):
constraints += [to == 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF] constraints += [to == 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF]
transaction_sequence = solver.get_transaction_sequence(state, constraints) transaction_sequence = solver.get_transaction_sequence(state, constraints)
debug = str(transaction_sequence) debug = json.dumps(transaction_sequence, indent=4)
description = ( description_head = "A call to a user-supplied address is executed."
"The contract executes a function call with high gas to a user-supplied address. " description_tail = (
"Note that the callee can contain arbitrary code and may re-enter any function in this contract. " "The callee address of an external message call can be set by "
"Review the business logic carefully to prevent unanticipated effects on the contract state." "the caller. Note that the callee can contain arbitrary code and may re-enter any function "
"in this contract. Review the business logic carefully to prevent averse effects on the"
"contract state."
) )
issue = Issue( issue = Issue(
@ -57,10 +60,11 @@ def _analyze_state(state):
function_name=node.function_name, function_name=node.function_name,
address=address, address=address,
swc_id=REENTRANCY, swc_id=REENTRANCY,
title="External call to user-supplied address", title="External Call To User-Supplied Address",
_type="Warning",
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
description=description, severity="Medium",
description_head=description_head,
description_tail=description_tail,
debug=debug, debug=debug,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
@ -71,10 +75,11 @@ def _analyze_state(state):
"[EXTERNAL_CALLS] Callee address cannot be modified. Reporting informational issue." "[EXTERNAL_CALLS] Callee address cannot be modified. Reporting informational issue."
) )
debug = str(transaction_sequence) debug = json.dumps(transaction_sequence, indent=4)
description = ( description_head = "The contract executes an external message call."
"The contract executes a function call to an external address. " description_tail = (
"Verify that the code at this address is trusted and immutable." "An external function call to a fixed contract address is executed. Make sure "
"that the callee contract has been reviewed carefully."
) )
issue = Issue( issue = Issue(
@ -82,10 +87,11 @@ def _analyze_state(state):
function_name=state.node.function_name, function_name=state.node.function_name,
address=address, address=address,
swc_id=REENTRANCY, swc_id=REENTRANCY,
title="External call", title="External Call To Fixed Address",
_type="Informational",
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
description=description, severity="Low",
description_head=description_head,
description_tail=description_tail,
debug=debug, debug=debug,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )

@ -1,14 +1,15 @@
"""This module contains the detection code for integer overflows and """This module contains the detection code for integer overflows and
underflows.""" underflows."""
import json
from mythril.analysis import solver from mythril.analysis import solver
from mythril.analysis.report import Issue from mythril.analysis.report import Issue
from mythril.analysis.swc_data import INTEGER_OVERFLOW_AND_UNDERFLOW from mythril.analysis.swc_data import INTEGER_OVERFLOW_AND_UNDERFLOW
from mythril.exceptions import UnsatError from mythril.exceptions import UnsatError
from mythril.laser.ethereum.state.global_state import GlobalState from mythril.laser.ethereum.state.global_state import GlobalState
from mythril.laser.ethereum.taint_analysis import TaintRunner
from mythril.analysis.modules.base import DetectionModule from mythril.analysis.modules.base import DetectionModule
from mythril.laser.smt import ( from mythril.laser.smt import (
BVAddNoOverflow, BVAddNoOverflow,
BVSubNoUnderflow, BVSubNoUnderflow,
@ -19,7 +20,6 @@ from mythril.laser.smt import (
Expression, Expression,
) )
import copy
import logging import logging
@ -49,6 +49,17 @@ class IntegerOverflowUnderflowModule(DetectionModule):
entrypoint="callback", entrypoint="callback",
pre_hooks=["ADD", "MUL", "SUB", "SSTORE", "JUMPI"], pre_hooks=["ADD", "MUL", "SUB", "SSTORE", "JUMPI"],
) )
self._overflow_cache = {}
self._underflow_cache = {}
def reset_module(self):
"""
Resets the module
:return:
"""
super().reset_module()
self._overflow_cache = {}
self._underflow_cache = {}
def execute(self, state: GlobalState): def execute(self, state: GlobalState):
"""Executes analysis module for integer underflow and integer overflow. """Executes analysis module for integer underflow and integer overflow.
@ -56,6 +67,11 @@ class IntegerOverflowUnderflowModule(DetectionModule):
:param state: Statespace to analyse :param state: Statespace to analyse
:return: Found issues :return: Found issues
""" """
address = _get_address_from_state(state)
has_overflow = self._overflow_cache.get(address, False)
has_underflow = self._underflow_cache.get(address, False)
if has_overflow or has_underflow:
return
if state.get_current_instruction()["opcode"] == "ADD": if state.get_current_instruction()["opcode"] == "ADD":
self._handle_add(state) self._handle_add(state)
elif state.get_current_instruction()["opcode"] == "MUL": elif state.get_current_instruction()["opcode"] == "MUL":
@ -80,7 +96,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
if model is None: if model is None:
return return
annotation = OverUnderflowAnnotation(state, "add", c) annotation = OverUnderflowAnnotation(state, "addition", c)
op0.annotate(annotation) op0.annotate(annotation)
def _handle_mul(self, state): def _handle_mul(self, state):
@ -97,7 +113,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
if model is None: if model is None:
return return
annotation = OverUnderflowAnnotation(state, "multiply", c) annotation = OverUnderflowAnnotation(state, "multiplication", c)
op0.annotate(annotation) op0.annotate(annotation)
def _handle_sub(self, state): def _handle_sub(self, state):
@ -124,46 +140,82 @@ class IntegerOverflowUnderflowModule(DetectionModule):
stack[index] = symbol_factory.BitVecVal(value, 256) stack[index] = symbol_factory.BitVecVal(value, 256)
return stack[index] return stack[index]
@staticmethod
def _get_description_head(annotation, _type):
return "The binary {} can {}.".format(annotation.operator, _type.lower())
@staticmethod
def _get_description_tail(annotation, _type):
return (
"The operands of the {} operation are not sufficiently constrained. "
"The {} could therefore result in an integer {}. Prevent the {} by checking inputs "
"or ensure sure that the {} is caught by an assertion.".format(
annotation.operator,
annotation.operator,
_type.lower(),
_type.lower(),
_type.lower(),
)
)
@staticmethod
def _get_title(_type):
return "Integer {}".format(_type)
def _handle_sstore(self, state): def _handle_sstore(self, state):
stack = state.mstate.stack stack = state.mstate.stack
value = stack[-2] value = stack[-2]
if not isinstance(value, Expression): if not isinstance(value, Expression):
return return
for annotation in value.annotations: for annotation in value.annotations:
if not isinstance(annotation, OverUnderflowAnnotation): if not isinstance(annotation, OverUnderflowAnnotation):
continue continue
title = ( _type = "Underflow" if annotation.operator == "subtraction" else "Overflow"
"Integer Underflow"
if annotation.operator == "subtraction"
else "Integer Overflow"
)
ostate = annotation.overflowing_state ostate = annotation.overflowing_state
node = ostate.node node = ostate.node
issue = Issue( issue = Issue(
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=ostate.get_current_instruction()["address"], address=ostate.get_current_instruction()["address"],
swc_id=INTEGER_OVERFLOW_AND_UNDERFLOW, swc_id=INTEGER_OVERFLOW_AND_UNDERFLOW,
bytecode=ostate.environment.code.bytecode, bytecode=ostate.environment.code.bytecode,
title=title, title=self._get_title(_type),
_type="Warning", severity="High",
description_head=self._get_description_head(annotation, _type),
description_tail=self._get_description_tail(annotation, _type),
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
issue.description = "This binary {} operation can result in {}.\n".format( address = _get_address_from_state(ostate)
annotation.operator, title.lower()
) if annotation.operator == "subtraction" and self._underflow_cache.get(
address, False
):
continue
if annotation.operator != "subtraction" and self._overflow_cache.get(
address, False
):
continue
try: try:
issue.debug = str(
solver.get_transaction_sequence( transaction_sequence = solver.get_transaction_sequence(
state, node.constraints + [annotation.constraint] state, node.constraints + [annotation.constraint]
)
) )
issue.debug = json.dumps(transaction_sequence, indent=4)
except UnsatError: except UnsatError:
return continue
if annotation.operator == "subtraction":
self._underflow_cache[address] = True
else:
self._overflow_cache[address] = True
self._issues.append(issue) self._issues.append(issue)
def _handle_jumpi(self, state): def _handle_jumpi(self, state):
@ -175,34 +227,48 @@ class IntegerOverflowUnderflowModule(DetectionModule):
continue continue
ostate = annotation.overflowing_state ostate = annotation.overflowing_state
node = ostate.node node = ostate.node
title = (
"Integer Underflow"
if annotation.operator == "subtraction"
else "Integer Overflow"
)
_type = "Underflow" if annotation.operator == "subtraction" else "Overflow"
issue = Issue( issue = Issue(
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=ostate.get_current_instruction()["address"], address=ostate.get_current_instruction()["address"],
swc_id=INTEGER_OVERFLOW_AND_UNDERFLOW, swc_id=INTEGER_OVERFLOW_AND_UNDERFLOW,
bytecode=ostate.environment.code.bytecode, bytecode=ostate.environment.code.bytecode,
title=title, title=self._get_title(_type),
_type="Warning", severity="High",
description_head=self._get_description_head(annotation, _type),
description_tail=self._get_description_tail(annotation, _type),
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
issue.description = "This binary {} operation can result in integer overflow.\n".format( address = _get_address_from_state(ostate)
annotation.operator
) if annotation.operator == "subtraction" and self._underflow_cache.get(
address, False
):
continue
if annotation.operator != "subtraction" and self._overflow_cache.get(
address, False
):
continue
try: try:
issue.debug = str(
solver.get_transaction_sequence( transaction_sequence = solver.get_transaction_sequence(
state, node.constraints + [annotation.constraint] state, node.constraints + [annotation.constraint]
)
) )
issue.debug = json.dumps(transaction_sequence, indent=4)
except UnsatError: except UnsatError:
return continue
if annotation.operator == "subtraction":
self._underflow_cache[address] = True
else:
self._overflow_cache[address] = True
self._issues.append(issue) self._issues.append(issue)
@staticmethod @staticmethod
@ -218,3 +284,7 @@ class IntegerOverflowUnderflowModule(DetectionModule):
detector = IntegerOverflowUnderflowModule() detector = IntegerOverflowUnderflowModule()
def _get_address_from_state(state):
return state.get_current_instruction()["address"]

@ -71,28 +71,34 @@ def _analyze_state(state: GlobalState):
else: # RETURN or STOP else: # RETURN or STOP
if len(calls) > 1: if len(calls) > 1:
description_tail = (
"Consecutive calls are executed at the following bytecode offsets:\n"
)
for call in calls:
description_tail += "Offset: {}\n".format(
call.state.get_current_instruction()["address"]
)
description_tail += (
"Try to isolate each external call into its own transaction,"
" as external calls can fail accidentally or deliberately.\n"
)
issue = Issue( issue = Issue(
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=instruction["address"], address=instruction["address"],
swc_id=MULTIPLE_SENDS, swc_id=MULTIPLE_SENDS,
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
title="Multiple Calls", title="Multiple Calls in a Single Transaction",
_type="Informational", severity="Medium",
description_head="Multiple sends are executed in one transaction.",
description_tail=description_tail,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
issue.description = (
"Multiple sends are executed in a single transaction. "
"Try to isolate each external call into its own transaction,"
" as external calls can fail accidentally or deliberately.\nConsecutive calls: \n"
)
for call in calls:
issue.description += "Call at address: {}\n".format(
call.state.get_current_instruction()["address"]
)
return [issue] return [issue]
return [] return []

@ -5,6 +5,7 @@ from mythril.exceptions import UnsatError
from mythril.analysis.modules.base import DetectionModule from mythril.analysis.modules.base import DetectionModule
from mythril.laser.ethereum.state.global_state import GlobalState from mythril.laser.ethereum.state.global_state import GlobalState
import logging import logging
import json
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@ -14,62 +15,27 @@ For kill-able contracts, also check whether it is possible to direct the contrac
""" """
def _analyze_state(state):
log.info("Suicide module: Analyzing suicide instruction")
node = state.node
instruction = state.get_current_instruction()
to = state.mstate.stack[-1]
log.debug("[SUICIDE] SUICIDE in function " + node.function_name)
try:
try:
transaction_sequence = solver.get_transaction_sequence(
state,
node.constraints + [to == 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF],
)
description = "Anyone can kill this contract and withdraw its balance to their own account."
except UnsatError:
transaction_sequence = solver.get_transaction_sequence(
state, node.constraints
)
description = (
"The contract can be killed by anyone. Don't accidentally kill it."
)
debug = str(transaction_sequence)
issue = Issue(
contract=node.contract_name,
function_name=node.function_name,
address=instruction["address"],
swc_id=UNPROTECTED_SELFDESTRUCT,
bytecode=state.environment.code.bytecode,
title="Unchecked SUICIDE",
_type="Warning",
description=description,
debug=debug,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
)
return [issue]
except UnsatError:
log.info("[UNCHECKED_SUICIDE] no model found")
return []
class SuicideModule(DetectionModule): class SuicideModule(DetectionModule):
"""This module checks if the contact can be 'accidentally' killed by """This module checks if the contact can be 'accidentally' killed by
anyone.""" anyone."""
def __init__(self): def __init__(self):
super().__init__( super().__init__(
name="Unprotected Suicide", name="Unprotected Selfdestruct",
swc_id=UNPROTECTED_SELFDESTRUCT, swc_id=UNPROTECTED_SELFDESTRUCT,
description=DESCRIPTION, description=DESCRIPTION,
entrypoint="callback", entrypoint="callback",
pre_hooks=["SUICIDE"], pre_hooks=["SUICIDE"],
) )
self._cache_address = {}
def reset_module(self):
"""
Resets the module
:return:
"""
super().reset_module()
self._cache_address = {}
def execute(self, state: GlobalState): def execute(self, state: GlobalState):
""" """
@ -77,8 +43,59 @@ class SuicideModule(DetectionModule):
:param state: :param state:
:return: :return:
""" """
self._issues.extend(_analyze_state(state)) self._issues.extend(self._analyze_state(state))
return self.issues return self.issues
def _analyze_state(self, state):
log.info("Suicide module: Analyzing suicide instruction")
node = state.node
instruction = state.get_current_instruction()
if self._cache_address.get(instruction["address"], False):
return []
to = state.mstate.stack[-1]
log.debug("[SUICIDE] SUICIDE in function " + node.function_name)
description_head = "The contract can be killed by anyone."
try:
try:
transaction_sequence = solver.get_transaction_sequence(
state,
node.constraints
+ [to == 0xDEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF],
)
description_tail = "Arbitrary senders can kill this contract and withdraw its balance to their own account."
except UnsatError:
transaction_sequence = solver.get_transaction_sequence(
state, node.constraints
)
description_tail = (
"Arbitrary senders can kill this contract but it is not possible to set the target address to which"
"the contract balance is sent."
)
debug = json.dumps(transaction_sequence, indent=4)
self._cache_address[instruction["address"]] = True
issue = Issue(
contract=node.contract_name,
function_name=node.function_name,
address=instruction["address"],
swc_id=UNPROTECTED_SELFDESTRUCT,
bytecode=state.environment.code.bytecode,
title="Unprotected Selfdestruct",
severity="High",
description_head=description_head,
description_tail=description_tail,
debug=debug,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
)
return [issue]
except UnsatError:
log.info("[UNCHECKED_SUICIDE] no model found")
return []
detector = SuicideModule() detector = SuicideModule()

@ -46,6 +46,11 @@ class TxOrderDependenceModule(DetectionModule):
self._get_influencing_sstores(statespace, interesting_storages) self._get_influencing_sstores(statespace, interesting_storages)
) )
description_tail = (
"A transaction order dependence vulnerability may exist in this contract. The value or "
"target of the call statement is loaded from a writable storage location."
)
# Build issue if necessary # Build issue if necessary
if len(changing_sstores) > 0: if len(changing_sstores) > 0:
node = call.node node = call.node
@ -54,20 +59,18 @@ class TxOrderDependenceModule(DetectionModule):
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=instruction["address"], address=instruction["address"],
title="Transaction order dependence", title="Transaction Order Dependence",
bytecode=call.state.environment.code.bytecode, bytecode=call.state.environment.code.bytecode,
swc_id=TX_ORDER_DEPENDENCE, swc_id=TX_ORDER_DEPENDENCE,
_type="Warning", severity="Medium",
description_head="The call outcome may depend on transaction order.",
description_tail=description_tail,
gas_used=( gas_used=(
call.state.mstate.min_gas_used, call.state.mstate.min_gas_used,
call.state.mstate.max_gas_used, call.state.mstate.max_gas_used,
), ),
) )
issue.description = (
"Possible transaction order dependence vulnerability: The value or "
"direction of the call statement is determined from a tainted storage location."
)
issues.append(issue) issues.append(issue)
return issues return issues

@ -71,24 +71,29 @@ def _analyze_state(state: GlobalState) -> list:
issues = [] issues = []
for retval in retvals: for retval in retvals:
try: try:
model = solver.get_model(node.constraints + [retval["retval"] == 0]) solver.get_model(node.constraints + [retval["retval"] == 0])
except UnsatError: except UnsatError:
continue continue
description_tail = (
"External calls return a boolean value. If the callee contract halts with an exception, 'false' is "
"returned and execution continues in the caller. It is usually recommended to wrap external calls "
"into a require statement to prevent unexpected states."
)
issue = Issue( issue = Issue(
contract=node.contract_name, contract=node.contract_name,
function_name=node.function_name, function_name=node.function_name,
address=retval["address"], address=retval["address"],
bytecode=state.environment.code.bytecode, bytecode=state.environment.code.bytecode,
title="Unchecked CALL return value", title="Unchecked Call Return Value",
swc_id=UNCHECKED_RET_VAL, swc_id=UNCHECKED_RET_VAL,
severity="Low",
description_head="The return value of a message call is not checked.",
description_tail=description_tail,
gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used), gas_used=(state.mstate.min_gas_used, state.mstate.max_gas_used),
) )
issue.description = (
"The return value of an external call is not checked. "
"Note that execution continue even if the called contract throws."
)
issues.append(issue) issues.append(issue)
return issues return issues

@ -6,6 +6,11 @@ from jinja2 import PackageLoader, Environment
import _pysha3 as sha3 import _pysha3 as sha3
import hashlib import hashlib
from mythril.solidity.soliditycontract import SolidityContract
from mythril.analysis.swc_data import SWC_TO_TITLE
from mythril.support.source_support import Source
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
@ -21,8 +26,9 @@ class Issue:
title, title,
bytecode, bytecode,
gas_used=(None, None), gas_used=(None, None),
_type="Informational", severity=None,
description="", description_head="",
description_tail="",
debug="", debug="",
): ):
""" """
@ -42,14 +48,17 @@ class Issue:
self.contract = contract self.contract = contract
self.function = function_name self.function = function_name
self.address = address self.address = address
self.description = description self.description_head = description_head
self.type = _type self.description_tail = description_tail
self.description = "%s\n%s" % (description_head, description_tail)
self.severity = severity
self.debug = debug self.debug = debug
self.swc_id = swc_id self.swc_id = swc_id
self.min_gas_used, self.max_gas_used = gas_used self.min_gas_used, self.max_gas_used = gas_used
self.filename = None self.filename = None
self.code = None self.code = None
self.lineno = None self.lineno = None
self.source_mapping = None
try: try:
keccak = sha3.keccak_256() keccak = sha3.keccak_256()
@ -73,11 +82,12 @@ class Issue:
"contract": self.contract, "contract": self.contract,
"description": self.description, "description": self.description,
"function": self.function, "function": self.function,
"type": self.type, "severity": self.severity,
"address": self.address, "address": self.address,
"debug": self.debug, "debug": self.debug,
"min_gas_used": self.min_gas_used, "min_gas_used": self.min_gas_used,
"max_gas_used": self.max_gas_used, "max_gas_used": self.max_gas_used,
"sourceMap": self.source_mapping,
} }
if self.filename and self.lineno: if self.filename and self.lineno:
@ -94,13 +104,16 @@ class Issue:
:param contract: :param contract:
""" """
if self.address: if self.address and isinstance(contract, SolidityContract):
codeinfo = contract.get_source_info( codeinfo = contract.get_source_info(
self.address, constructor=(self.function == "constructor") self.address, constructor=(self.function == "constructor")
) )
self.filename = codeinfo.filename self.filename = codeinfo.filename
self.code = codeinfo.code self.code = codeinfo.code
self.lineno = codeinfo.lineno self.lineno = codeinfo.lineno
self.source_mapping = codeinfo.solc_mapping
else:
self.source_mapping = self.address
class Report: class Report:
@ -110,14 +123,16 @@ class Report:
loader=PackageLoader("mythril.analysis"), trim_blocks=True loader=PackageLoader("mythril.analysis"), trim_blocks=True
) )
def __init__(self, verbose=False): def __init__(self, verbose=False, source=None):
""" """
:param verbose: :param verbose:
""" """
self.issues = {} self.issues = {}
self.verbose = verbose self.verbose = verbose
pass self.solc_version = ""
self.meta = {}
self.source = source or Source()
def sorted_issues(self): def sorted_issues(self):
""" """
@ -160,16 +175,44 @@ class Report:
:return: :return:
""" """
result = { _issues = []
"issues": [ source_list = []
for key, issue in self.issues.items():
if issue.bytecode_hash not in source_list:
idx = len(source_list)
source_list.append(issue.bytecode_hash)
else:
idx = source_list.index(issue.bytecode_hash)
try:
title = SWC_TO_TITLE[issue.swc_id]
except KeyError:
title = "Unspecified Security Issue"
_issues.append(
{ {
"swc-id": "SWC-{}".format(issue.swc_id), "swcID": "SWC-" + issue.swc_id,
"bytecodeOffset": issue.address, "swcTitle": title,
"codeHash": issue.bytecode_hash, "description": {
"head": issue.description_head,
"tail": issue.description_tail,
},
"severity": issue.severity,
"locations": [{"sourceMap": "%d:1:%d" % (issue.address, idx)}],
"extra": {},
} }
for issue in self.issues.values() )
]
result = {
"issues": _issues,
"sourceType": "raw-bytecode",
"sourceFormat": "evm-byzantium-bytecode",
"sourceList": source_list,
"meta": {},
} }
return json.dumps(result, sort_keys=True) return json.dumps(result, sort_keys=True)
def as_markdown(self): def as_markdown(self):

@ -28,6 +28,7 @@ def get_detection_module_hooks(modules, hook_type="pre"):
if hook_type == "pre" if hook_type == "pre"
else module.detector.post_hooks else module.detector.post_hooks
) )
for op_code in map(lambda x: x.upper(), hooks): for op_code in map(lambda x: x.upper(), hooks):
if op_code in OPCODE_LIST: if op_code in OPCODE_LIST:
hook_dict[op_code].append(module.detector.execute) hook_dict[op_code].append(module.detector.execute)

@ -17,13 +17,47 @@ MULTIPLE_SENDS = "113"
TX_ORDER_DEPENDENCE = "114" TX_ORDER_DEPENDENCE = "114"
TX_ORIGIN_USAGE = "115" TX_ORIGIN_USAGE = "115"
TIMESTAMP_DEPENDENCE = "116" TIMESTAMP_DEPENDENCE = "116"
# TODO: SWC ID 116 is missing, Add it if it's added to the https://github.com/SmartContractSecurity/SWC-registry
INCORRECT_CONSTRUCTOR_NAME = "118" INCORRECT_CONSTRUCTOR_NAME = "118"
SHADOWING_STATE_VARIABLES = "119" SHADOWING_STATE_VARIABLES = "119"
WEAK_RANDOMNESS = "120" WEAK_RANDOMNESS = "120"
SIGNATURE_REPLAY = "121" SIGNATURE_REPLAY = "121"
IMPROPER_VERIFICATION_BASED_ON_MSG_SENDER = "122" IMPROPER_VERIFICATION_BASED_ON_MSG_SENDER = "122"
REQUIREMENT_VIOLATION = "123"
WRITE_TO_ARBITRARY_STORAGE = "124"
INCORRECT_INHERITANCE_ORDER = "125"
ARBITRARY_JUMP = "127"
DOS_WITH_BLOCK_GAS_LIMIT = "128"
TYPOGRAPHICAL_ERROR = "129"
PREDICTABLE_VARS_DEPENDENCE = (
"N/A" SWC_TO_TITLE = {
) # TODO: Add the swc id when this is added to the SWC Registry "100": "Function Default Visibility",
"101": "Integer Overflow and Underflow",
"102": "Outdated Compiler Version",
"103": "Floating Pragma",
"104": "Unchecked Call Return Value",
"105": "Unprotected Ether Withdrawal",
"106": "Unprotected SELFDESTRUCT Instruction",
"107": "Reentrancy",
"108": "State Variable Default Visibility",
"109": "Uninitialized Storage Pointer",
"110": "Assert Violation",
"111": "Use of Deprecated Solidity Functions",
"112": "Delegatecall to Untrusted Callee",
"113": "DoS with Failed Call",
"114": "Transaction Order Dependence",
"115": "Authorization through tx.origin",
"116": "Timestamp Dependence",
"117": "Signature Malleability",
"118": "Incorrect Constructor Name",
"119": "Shadowing State Variables",
"120": "Weak Sources of Randomness from Chain Attributes",
"121": "Missing Protection against Signature Replay Attacks",
"122": "Lack of Proper Signature Verification",
"123": "Requirement Violation",
"124": "Write to Arbitrary Storage Location",
"125": "Incorrect Inheritance Order",
"127": "Arbitrary Jump with Function Type Variable",
"128": "DoS With Block Gas Limit",
"129": "Typographical Error",
}

@ -4,7 +4,7 @@
## {{ issue.title }} ## {{ issue.title }}
- SWC ID: {{ issue['swc-id'] }} - SWC ID: {{ issue['swc-id'] }}
- Type: {{ issue.type }} - Severity: {{ issue.severity }}
- Contract: {{ issue.contract | default("Unknown") }} - Contract: {{ issue.contract | default("Unknown") }}
- Function name: `{{ issue.function }}` - Function name: `{{ issue.function }}`
- PC address: {{ issue.address }} - PC address: {{ issue.address }}

@ -2,7 +2,7 @@
{% for issue in issues %} {% for issue in issues %}
==== {{ issue.title }} ==== ==== {{ issue.title }} ====
SWC ID: {{ issue['swc-id'] }} SWC ID: {{ issue['swc-id'] }}
Type: {{ issue.type }} Severity: {{ issue.severity }}
Contract: {{ issue.contract | default("Unknown") }} Contract: {{ issue.contract | default("Unknown") }}
Function name: {{ issue.function }} Function name: {{ issue.function }}
PC address: {{ issue.address }} PC address: {{ issue.address }}
@ -20,7 +20,7 @@ In file: {{ issue.filename }}:{{ issue.lineno }}
{% endif %} {% endif %}
{% if verbose and issue.debug %} {% if verbose and issue.debug %}
-------------------- --------------------
DEBUGGING INFORMATION: Transaction Sequence:
{{ issue.debug }} {{ issue.debug }}
{% endif %} {% endif %}

@ -78,7 +78,6 @@ def get_function_info(
# Append with missing 0s at the beginning # Append with missing 0s at the beginning
function_hash = "0x" + instruction_list[index]["argument"][2:].rjust(8, "0") function_hash = "0x" + instruction_list[index]["argument"][2:].rjust(8, "0")
function_names = signature_database.get(function_hash) function_names = signature_database.get(function_hash)
if len(function_names) > 1: if len(function_names) > 1:
# In this case there was an ambiguous result # In this case there was an ambiguous result

@ -1,6 +1,10 @@
"""This module contains the class representing EVM contracts, aka Smart """This module contains the class representing EVM contracts, aka Smart
Contracts.""" Contracts."""
import re import re
import _pysha3 as sha3
import logging
log = logging.getLogger(__name__)
import persistent import persistent
from ethereum import utils from ethereum import utils
@ -37,6 +41,38 @@ class EVMContract(persistent.Persistent):
creation_code, enable_online_lookup=enable_online_lookup creation_code, enable_online_lookup=enable_online_lookup
) )
@property
def bytecode_hash(self):
"""
:return: runtime bytecode hash
"""
return self._get_hash(self.code[2:])
@property
def creation_bytecode_hash(self):
"""
:return: Creation bytecode hash
"""
return self._get_hash(self.creation_code[2:])
@staticmethod
def _get_hash(code):
"""
:param code: bytecode
:return: Returns hash of the given bytecode
"""
try:
keccak = sha3.keccak_256()
keccak.update(bytes.fromhex(code[2:]))
return "0x" + keccak.hexdigest()
except ValueError:
log.debug(
"Unable to change the bytecode to bytes. Bytecode: {}".format(code)
)
return ""
def as_dict(self): def as_dict(self):
""" """

@ -32,11 +32,11 @@ def get_solc_json(file, solc_binary="solc", solc_args=None):
:param solc_args: :param solc_args:
:return: :return:
""" """
cmd = [solc_binary, "--combined-json", "bin,bin-runtime,srcmap,srcmap-runtime"] cmd = [solc_binary, "--combined-json", "bin,bin-runtime,srcmap,srcmap-runtime"]
if solc_args: if solc_args:
cmd.extend(solc_args.split()) cmd.extend(solc_args.split())
if not "--allow-paths" in cmd: if not "--allow-paths" in cmd:
cmd.extend(["--allow-paths", "."]) cmd.extend(["--allow-paths", "."])
else: else:

@ -114,10 +114,10 @@ def main():
outputs.add_argument( outputs.add_argument(
"-o", "-o",
"--outform", "--outform",
choices=["text", "markdown", "json"], choices=["text", "markdown", "json", "jsonv2"],
default="text", default="text",
help="report output format", help="report output format",
metavar="<text/markdown/json>", metavar="<text/markdown/json/jsonv2>",
) )
outputs.add_argument( outputs.add_argument(
"--verbose-report", "--verbose-report",
@ -431,6 +431,7 @@ def main():
) )
outputs = { outputs = {
"json": report.as_json(), "json": report.as_json(),
"jsonv2": report.as_swc_standard_format(),
"text": report.as_text(), "text": report.as_text(),
"markdown": report.as_markdown(), "markdown": report.as_markdown(),
} }

@ -4,6 +4,7 @@ parameters for the new global state."""
import logging import logging
from typing import Union, List from typing import Union, List
from z3 import Z3Exception
from mythril.laser.ethereum import natives from mythril.laser.ethereum import natives
from mythril.laser.ethereum.gas import OPCODE_GAS from mythril.laser.ethereum.gas import OPCODE_GAS
@ -178,19 +179,23 @@ def get_call_data(
else memory_size else memory_size
) )
uses_entire_calldata = simplify(
memory_size - global_state.environment.calldata.calldatasize == 0
)
if uses_entire_calldata == True:
return global_state.environment.calldata
try: try:
calldata_from_mem = state.memory[ calldata_from_mem = state.memory[
util.get_concrete_int(memory_start) : util.get_concrete_int( util.get_concrete_int(memory_start) : util.get_concrete_int(
memory_start + memory_size memory_start + memory_size
) )
] ]
call_data = ConcreteCalldata(transaction_id, calldata_from_mem) return ConcreteCalldata(transaction_id, calldata_from_mem)
log.debug("Calldata: " + str(call_data))
except TypeError: except TypeError:
log.debug("Unsupported symbolic calldata offset") log.debug("Unsupported symbolic calldata offset")
call_data = SymbolicCalldata("{}_internalcall".format(transaction_id)) return SymbolicCalldata(transaction_id)
return call_data
def native_call( def native_call(

@ -262,6 +262,7 @@ class LaserEVM:
:return: :return:
""" """
instructions = global_state.environment.code.instruction_list instructions = global_state.environment.code.instruction_list
try: try:
op_code = instructions[global_state.mstate.pc]["opcode"] op_code = instructions[global_state.mstate.pc]["opcode"]
except IndexError: except IndexError:

@ -32,6 +32,7 @@ from mythril.ethereum.interface.rpc.exceptions import ConnectionError
from mythril.exceptions import CompilerError, CriticalError, NoContractFoundError from mythril.exceptions import CompilerError, CriticalError, NoContractFoundError
from mythril.solidity.soliditycontract import SolidityContract, get_contracts_from_file from mythril.solidity.soliditycontract import SolidityContract, get_contracts_from_file
from mythril.support import signatures from mythril.support import signatures
from mythril.support.source_support import Source
from mythril.support.loader import DynLoader from mythril.support.loader import DynLoader
from mythril.exceptions import CompilerError, NoContractFoundError, CriticalError from mythril.exceptions import CompilerError, NoContractFoundError, CriticalError
from mythril.analysis.symbolic import SymExecWrapper from mythril.analysis.symbolic import SymExecWrapper
@ -596,14 +597,15 @@ class Mythril(object):
) )
issues = retrieve_callback_issues(modules) issues = retrieve_callback_issues(modules)
if type(contract) == SolidityContract: for issue in issues:
for issue in issues: issue.add_code_info(contract)
issue.add_code_info(contract)
all_issues += issues all_issues += issues
source_data = Source()
source_data.get_source_from_contracts_list(self.contracts)
# Finally, output the results # Finally, output the results
report = Report(verbose_report) report = Report(verbose_report, source_data)
for issue in all_issues: for issue in all_issues:
report.append_issue(issue) report.append_issue(issue)

@ -7,13 +7,14 @@ from mythril.exceptions import NoContractFoundError
class SourceMapping: class SourceMapping:
"""Representation of a source mapping for a Solidity file.""" def __init__(self, solidity_file_idx, offset, length, lineno, mapping):
"""Representation of a source mapping for a Solidity file."""
def __init__(self, solidity_file_idx, offset, length, lineno):
self.solidity_file_idx = solidity_file_idx self.solidity_file_idx = solidity_file_idx
self.offset = offset self.offset = offset
self.length = length self.length = length
self.lineno = lineno self.lineno = lineno
self.solc_mapping = mapping
class SolidityFile: class SolidityFile:
@ -25,12 +26,13 @@ class SolidityFile:
class SourceCodeInfo: class SourceCodeInfo:
"""Metadata class containing a code reference for a specific file.""" def __init__(self, filename, lineno, code, mapping):
"""Metadata class containing a code reference for a specific file."""
def __init__(self, filename, lineno, code):
self.filename = filename self.filename = filename
self.lineno = lineno self.lineno = lineno
self.code = code self.code = code
self.solc_mapping = mapping
def get_contracts_from_file(input_file, solc_args=None, solc_binary="solc"): def get_contracts_from_file(input_file, solc_args=None, solc_binary="solc"):
@ -60,7 +62,6 @@ class SolidityContract(EVMContract):
"""Representation of a Solidity contract.""" """Representation of a Solidity contract."""
def __init__(self, input_file, name=None, solc_args=None, solc_binary="solc"): def __init__(self, input_file, name=None, solc_args=None, solc_binary="solc"):
data = get_solc_json(input_file, solc_args=solc_args, solc_binary=solc_binary) data = get_solc_json(input_file, solc_args=solc_args, solc_binary=solc_binary)
self.solidity_files = [] self.solidity_files = []
@ -126,8 +127,8 @@ class SolidityContract(EVMContract):
disassembly = self.creation_disassembly if constructor else self.disassembly disassembly = self.creation_disassembly if constructor else self.disassembly
mappings = self.constructor_mappings if constructor else self.mappings mappings = self.constructor_mappings if constructor else self.mappings
index = helper.get_instruction_index(disassembly.instruction_list, address) index = helper.get_instruction_index(disassembly.instruction_list, address)
solidity_file = self.solidity_files[mappings[index].solidity_file_idx]
solidity_file = self.solidity_files[mappings[index].solidity_file_idx]
filename = solidity_file.filename filename = solidity_file.filename
offset = mappings[index].offset offset = mappings[index].offset
@ -137,8 +138,7 @@ class SolidityContract(EVMContract):
"utf-8", errors="ignore" "utf-8", errors="ignore"
) )
lineno = mappings[index].lineno lineno = mappings[index].lineno
return SourceCodeInfo(filename, lineno, code, mappings[index].solc_mapping)
return SourceCodeInfo(filename, lineno, code)
def _get_solc_mappings(self, srcmap, constructor=False): def _get_solc_mappings(self, srcmap, constructor=False):
""" """
@ -147,7 +147,10 @@ class SolidityContract(EVMContract):
:param constructor: :param constructor:
""" """
mappings = self.constructor_mappings if constructor else self.mappings mappings = self.constructor_mappings if constructor else self.mappings
prev_item = ""
for item in srcmap: for item in srcmap:
if item == "":
item = prev_item
mapping = item.split(":") mapping = item.split(":")
if len(mapping) > 0 and len(mapping[0]) > 0: if len(mapping) > 0 and len(mapping[0]) > 0:
@ -164,5 +167,5 @@ class SolidityContract(EVMContract):
.count("\n".encode("utf-8")) .count("\n".encode("utf-8"))
+ 1 + 1
) )
prev_item = item
mappings.append(SourceMapping(idx, offset, length, lineno)) mappings.append(SourceMapping(idx, offset, length, lineno, item))

@ -0,0 +1,47 @@
from mythril.solidity.soliditycontract import SolidityContract
from mythril.ethereum.evmcontract import EVMContract
class Source:
"""Class to handle to source data"""
def __init__(
self, source_type=None, source_format=None, source_list=None, meta=None
):
"""
:param source_type: whether it is a solidity-file or evm-bytecode
:param source_format: whether it is bytecode, ethereum-address or text
:param source_list: List of files
:param meta: meta data
"""
self.source_type = source_type
self.source_format = source_format
self.source_list = source_list or []
self.meta = meta
def get_source_from_contracts_list(self, contracts):
"""
get the source data from the contracts list
:param contracts: the list of contracts
:return:
"""
if contracts is None or len(contracts) == 0:
return
if isinstance(contracts[0], SolidityContract):
self.source_type = "solidity-file"
self.source_format = "text"
for contract in contracts:
self.source_list += [file.filename for file in contract.solidity_files]
elif isinstance(contracts[0], EVMContract):
self.source_format = "evm-byzantium-bytecode"
self.source_type = (
"raw-bytecode" if contracts[0].name == "MAIN" else "ethereum-address"
)
for contract in contracts:
if contract.creation_code:
self.source_list.append(contract.creation_bytecode_hash)
if contract.code:
self.source_list.append(contract.bytecode_hash)
else:
assert False # Fail hard

@ -165,7 +165,11 @@ def get_mappings(source, deployed_source_map):
:return: :return:
""" """
mappings = [] mappings = []
prev_item = ""
for item in deployed_source_map: for item in deployed_source_map:
if item == "":
item = prev_item
mapping = item.split(":") mapping = item.split(":")
if len(mapping) > 0 and len(mapping[0]) > 0: if len(mapping) > 0 and len(mapping[0]) > 0:
@ -178,7 +182,8 @@ def get_mappings(source, deployed_source_map):
idx = int(mapping[2]) idx = int(mapping[2])
lineno = source.encode("utf-8")[0:offset].count("\n".encode("utf-8")) + 1 lineno = source.encode("utf-8")[0:offset].count("\n".encode("utf-8")) + 1
prev_item = item
mappings.append(SourceMapping(idx, offset, length, lineno)) mappings.append(SourceMapping(idx, offset, length, lineno, item))
return mappings return mappings

@ -34,7 +34,7 @@ class TruffleTestCase(BaseTestCase):
command = "cd {}; truffle compile; python3 {} --truffle -t 2".format( command = "cd {}; truffle compile; python3 {} --truffle -t 2".format(
truffle_project_root, MYTH truffle_project_root, MYTH
) )
self.assertIn("=== Ether thief ====", output_of(command)) self.assertIn("=== Unprotected Ether Withdrawal ====", output_of(command))
class InfuraTestCase(BaseTestCase): class InfuraTestCase(BaseTestCase):

@ -76,10 +76,9 @@ def _assert_empty(changed_files, postfix):
assert message == "", message assert message == "", message
def _assert_empty_json(changed_files): def _assert_empty_json(changed_files, postfix=".json"):
"""Asserts there are no changed files and otherwise builds error """Asserts there are no changed files and otherwise builds error
message.""" message."""
postfix = ".json"
expected = [] expected = []
actual = [] actual = []
@ -124,14 +123,11 @@ def _get_changed_files(postfix, report_builder, reports):
output_expected = TESTDATA_OUTPUTS_EXPECTED / (input_file.name + postfix) output_expected = TESTDATA_OUTPUTS_EXPECTED / (input_file.name + postfix)
output_current = TESTDATA_OUTPUTS_CURRENT / (input_file.name + postfix) output_current = TESTDATA_OUTPUTS_CURRENT / (input_file.name + postfix)
output_current.write_text(report_builder(report)) output_current.write_text(report_builder(report))
if not (output_expected.read_text() == output_current.read_text()): if not (output_expected.read_text() == output_current.read_text()):
yield input_file yield input_file
def _get_changed_files_json(report_builder, reports): def _get_changed_files_json(report_builder, reports, postfix=".json"):
postfix = ".json"
def ordered(obj): def ordered(obj):
""" """
@ -180,3 +176,14 @@ def test_text_report(reports):
), ),
".text", ".text",
) )
def test_jsonv2_report(reports):
_assert_empty_json(
_get_changed_files_json(
lambda report: _fix_path(report.as_swc_standard_format()).strip(),
reports,
".jsonv2",
),
".jsonv2",
)

@ -1,102 +1 @@
{ {"error": null, "issues": [{"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract executes an external message call.\nAn external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.", "function": "thisisfine()", "max_gas_used": 1254, "min_gas_used": 643, "severity": "Low", "sourceMap": null, "swc-id": "107", "title": "External Call To Fixed Address"}, {"address": 661, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "thisisfine()", "max_gas_used": 35972, "min_gas_used": 1361, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract executes an external message call.\nAn external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.", "function": "callstoredaddress()", "max_gas_used": 1298, "min_gas_used": 687, "severity": "Low", "sourceMap": null, "swc-id": "107", "title": "External Call To Fixed Address"}, {"address": 779, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "callstoredaddress()", "max_gas_used": 36016, "min_gas_used": 1405, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract executes an external message call.\nAn external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.", "function": "reentrancy()", "max_gas_used": 1320, "min_gas_used": 709, "severity": "Low", "sourceMap": null, "swc-id": "107", "title": "External Call To Fixed Address"}, {"address": 858, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "reentrancy()", "max_gas_used": 61052, "min_gas_used": 6441, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state.", "function": "calluseraddress(address)", "max_gas_used": 616, "min_gas_used": 335, "severity": "Medium", "sourceMap": null, "swc-id": "107", "title": "External Call To User-Supplied Address"}, {"address": 912, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "calluseraddress(address)", "max_gas_used": 35336, "min_gas_used": 1055, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}], "success": true}
"error": null,
"issues": [
{
"address": 661,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.",
"function": "thisisfine()",
"max_gas_used": 1254,
"min_gas_used": 643,
"swc-id": "107",
"title": "External call",
"type": "Informational"
},
{
"address": 661,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "thisisfine()",
"max_gas_used": 35972,
"min_gas_used": 1361,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
},
{
"address": 779,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.",
"function": "callstoredaddress()",
"max_gas_used": 1298,
"min_gas_used": 687,
"swc-id": "107",
"title": "External call",
"type": "Informational"
},
{
"address": 779,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "callstoredaddress()",
"max_gas_used": 36016,
"min_gas_used": 1405,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
},
{
"address": 858,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.",
"function": "reentrancy()",
"max_gas_used": 1320,
"min_gas_used": 709,
"swc-id": "107",
"title": "External call",
"type": "Informational"
},
{
"address": 858,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "reentrancy()",
"max_gas_used": 61052,
"min_gas_used": 6441,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
},
{
"address": 912,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state.",
"function": "calluseraddress(address)",
"max_gas_used": 616,
"min_gas_used": 335,
"swc-id": "107",
"title": "External call to user-supplied address",
"type": "Warning"
},
{
"address": 912,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "calluseraddress(address)",
"max_gas_used": 35336,
"min_gas_used": 1055,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "The contract executes an external message call.", "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."}, "extra": {}, "locations": [{"sourceMap": "661:1:0"}], "severity": "Low", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "The contract executes an external message call.", "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."}, "extra": {}, "locations": [{"sourceMap": "779:1:0"}], "severity": "Low", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "The contract executes an external message call.", "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."}, "extra": {}, "locations": [{"sourceMap": "858:1:0"}], "severity": "Low", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "A call to a user-supplied address is executed.", "tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state."}, "extra": {}, "locations": [{"sourceMap": "912:1:0"}], "severity": "Medium", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "661:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "779:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "858:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "912:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0x7cbb77986c6b1bf6e945cd3fba06d3ea3d28cfc49cdfdc9571ec30703ac5862f"], "sourceType": "raw-bytecode"}

@ -1,8 +1,8 @@
# Analysis results for test-filename.sol # Analysis results for test-filename.sol
## External call ## External Call To Fixed Address
- SWC ID: 107 - SWC ID: 107
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `thisisfine()` - Function name: `thisisfine()`
- PC address: 661 - PC address: 661
@ -10,11 +10,12 @@
### Description ### Description
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `thisisfine()` - Function name: `thisisfine()`
- PC address: 661 - PC address: 661
@ -22,11 +23,12 @@ The contract executes a function call to an external address. Verify that the co
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
## External call ## External Call To Fixed Address
- SWC ID: 107 - SWC ID: 107
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `callstoredaddress()` - Function name: `callstoredaddress()`
- PC address: 779 - PC address: 779
@ -34,11 +36,12 @@ The return value of an external call is not checked. Note that execution continu
### Description ### Description
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `callstoredaddress()` - Function name: `callstoredaddress()`
- PC address: 779 - PC address: 779
@ -46,11 +49,12 @@ The contract executes a function call to an external address. Verify that the co
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
## External call ## External Call To Fixed Address
- SWC ID: 107 - SWC ID: 107
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `reentrancy()` - Function name: `reentrancy()`
- PC address: 858 - PC address: 858
@ -58,11 +62,12 @@ The return value of an external call is not checked. Note that execution continu
### Description ### Description
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `reentrancy()` - Function name: `reentrancy()`
- PC address: 858 - PC address: 858
@ -70,11 +75,12 @@ The contract executes a function call to an external address. Verify that the co
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
## External call to user-supplied address ## External Call To User-Supplied Address
- SWC ID: 107 - SWC ID: 107
- Type: Warning - Severity: Medium
- Contract: Unknown - Contract: Unknown
- Function name: `calluseraddress(address)` - Function name: `calluseraddress(address)`
- PC address: 912 - PC address: 912
@ -82,11 +88,12 @@ The return value of an external call is not checked. Note that execution continu
### Description ### Description
The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. A call to a user-supplied address is executed.
The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `calluseraddress(address)` - Function name: `calluseraddress(address)`
- PC address: 912 - PC address: 912
@ -94,4 +101,5 @@ The contract executes a function call with high gas to a user-supplied address.
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.

@ -1,80 +1,88 @@
==== External call ==== ==== External Call To Fixed Address ====
SWC ID: 107 SWC ID: 107
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: thisisfine() Function name: thisisfine()
PC address: 661 PC address: 661
Estimated Gas Usage: 643 - 1254 Estimated Gas Usage: 643 - 1254
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: thisisfine() Function name: thisisfine()
PC address: 661 PC address: 661
Estimated Gas Usage: 1361 - 35972 Estimated Gas Usage: 1361 - 35972
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------
==== External call ==== ==== External Call To Fixed Address ====
SWC ID: 107 SWC ID: 107
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: callstoredaddress() Function name: callstoredaddress()
PC address: 779 PC address: 779
Estimated Gas Usage: 687 - 1298 Estimated Gas Usage: 687 - 1298
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: callstoredaddress() Function name: callstoredaddress()
PC address: 779 PC address: 779
Estimated Gas Usage: 1405 - 36016 Estimated Gas Usage: 1405 - 36016
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------
==== External call ==== ==== External Call To Fixed Address ====
SWC ID: 107 SWC ID: 107
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: reentrancy() Function name: reentrancy()
PC address: 858 PC address: 858
Estimated Gas Usage: 709 - 1320 Estimated Gas Usage: 709 - 1320
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: reentrancy() Function name: reentrancy()
PC address: 858 PC address: 858
Estimated Gas Usage: 6441 - 61052 Estimated Gas Usage: 6441 - 61052
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------
==== External call to user-supplied address ==== ==== External Call To User-Supplied Address ====
SWC ID: 107 SWC ID: 107
Type: Warning Severity: Medium
Contract: Unknown Contract: Unknown
Function name: calluseraddress(address) Function name: calluseraddress(address)
PC address: 912 PC address: 912
Estimated Gas Usage: 335 - 616 Estimated Gas Usage: 335 - 616
The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. A call to a user-supplied address is executed.
The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: calluseraddress(address) Function name: calluseraddress(address)
PC address: 912 PC address: 912
Estimated Gas Usage: 1055 - 35336 Estimated Gas Usage: 1055 - 35336
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------

@ -9,7 +9,7 @@
"function": "_function_0x83f12fec", "function": "_function_0x83f12fec",
"swc-id": "101", "swc-id": "101",
"title": "Integer Overflow", "title": "Integer Overflow",
"type": "Warning", "type": "Warning"
}, },
{ {
"address": 278, "address": 278,
@ -19,7 +19,7 @@
"function": "_function_0x83f12fec", "function": "_function_0x83f12fec",
"swc-id": "101", "swc-id": "101",
"title": "Integer Overflow", "title": "Integer Overflow",
"type": "Warning", "type": "Warning"
}, },
{ {
"address": 378, "address": 378,
@ -29,8 +29,8 @@
"function": "_function_0x83f12fec", "function": "_function_0x83f12fec",
"swc-id": "101", "swc-id": "101",
"title": "Integer Underflow", "title": "Integer Underflow",
"type": "Warning", "type": "Warning"
}, }
], ],
"success": true, "success": true
} }

@ -1,5 +1 @@
{ {"error": null, "issues": [], "success": true}
"error": null,
"issues": [],
"success": true
}

@ -0,0 +1 @@
{"issues": [], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": [], "sourceType": "raw-bytecode"}

@ -1,54 +1 @@
{ {"error": null, "issues": [{"address": 446, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.", "function": "assert3(uint256)", "max_gas_used": 301, "min_gas_used": 206, "severity": "Low", "sourceMap": null, "swc-id": "110", "title": "Exception State"}, {"address": 484, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.", "function": "arrayaccess(uint256)", "max_gas_used": 351, "min_gas_used": 256, "severity": "Low", "sourceMap": null, "swc-id": "110", "title": "Exception State"}, {"address": 506, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.", "function": "divisionby0(uint256)", "max_gas_used": 367, "min_gas_used": 272, "severity": "Low", "sourceMap": null, "swc-id": "110", "title": "Exception State"}, {"address": 531, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A reachable exception has been detected.\nIt is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.", "function": "assert1()", "max_gas_used": 363, "min_gas_used": 268, "severity": "Low", "sourceMap": null, "swc-id": "110", "title": "Exception State"}], "success": true}
"error": null,
"issues": [
{
"address": 446,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function": "assert3(uint256)",
"max_gas_used": 301,
"min_gas_used": 206,
"swc-id": "110",
"title": "Exception state",
"type": "Informational"
},
{
"address": 484,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function": "arrayaccess(uint256)",
"max_gas_used": 351,
"min_gas_used": 256,
"swc-id": "110",
"title": "Exception state",
"type": "Informational"
},
{
"address": 506,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function": "divisionby0(uint256)",
"max_gas_used": 367,
"min_gas_used": 272,
"swc-id": "110",
"title": "Exception state",
"type": "Informational"
},
{
"address": 531,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.",
"function": "assert1()",
"max_gas_used": 363,
"min_gas_used": 268,
"swc-id": "110",
"title": "Exception state",
"type": "Informational"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "A reachable exception has been detected.", "tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."}, "extra": {}, "locations": [{"sourceMap": "446:1:0"}], "severity": "Low", "swcID": "SWC-110", "swcTitle": "Assert Violation"}, {"description": {"head": "A reachable exception has been detected.", "tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."}, "extra": {}, "locations": [{"sourceMap": "484:1:0"}], "severity": "Low", "swcID": "SWC-110", "swcTitle": "Assert Violation"}, {"description": {"head": "A reachable exception has been detected.", "tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."}, "extra": {}, "locations": [{"sourceMap": "506:1:0"}], "severity": "Low", "swcID": "SWC-110", "swcTitle": "Assert Violation"}, {"description": {"head": "A reachable exception has been detected.", "tail": "It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking."}, "extra": {}, "locations": [{"sourceMap": "531:1:0"}], "severity": "Low", "swcID": "SWC-110", "swcTitle": "Assert Violation"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0x4a773a86bc6fb269f88bf09bb3094de29b6073cf13b1760e9d01d957f50a9dfd"], "sourceType": "raw-bytecode"}

@ -1,8 +1,8 @@
# Analysis results for test-filename.sol # Analysis results for test-filename.sol
## Exception state ## Exception State
- SWC ID: 110 - SWC ID: 110
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `assert3(uint256)` - Function name: `assert3(uint256)`
- PC address: 446 - PC address: 446
@ -10,11 +10,12 @@
### Description ### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state ## Exception State
- SWC ID: 110 - SWC ID: 110
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `arrayaccess(uint256)` - Function name: `arrayaccess(uint256)`
- PC address: 484 - PC address: 484
@ -22,11 +23,12 @@ A reachable exception (opcode 0xfe) has been detected. This can be caused by typ
### Description ### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state ## Exception State
- SWC ID: 110 - SWC ID: 110
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `divisionby0(uint256)` - Function name: `divisionby0(uint256)`
- PC address: 506 - PC address: 506
@ -34,11 +36,12 @@ A reachable exception (opcode 0xfe) has been detected. This can be caused by typ
### Description ### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
## Exception state ## Exception State
- SWC ID: 110 - SWC ID: 110
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `assert1()` - Function name: `assert1()`
- PC address: 531 - PC address: 531
@ -46,4 +49,5 @@ A reachable exception (opcode 0xfe) has been detected. This can be caused by typ
### Description ### Description
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.

@ -1,40 +1,44 @@
==== Exception state ==== ==== Exception State ====
SWC ID: 110 SWC ID: 110
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: assert3(uint256) Function name: assert3(uint256)
PC address: 446 PC address: 446
Estimated Gas Usage: 206 - 301 Estimated Gas Usage: 206 - 301
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
-------------------- --------------------
==== Exception state ==== ==== Exception State ====
SWC ID: 110 SWC ID: 110
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: arrayaccess(uint256) Function name: arrayaccess(uint256)
PC address: 484 PC address: 484
Estimated Gas Usage: 256 - 351 Estimated Gas Usage: 256 - 351
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
-------------------- --------------------
==== Exception state ==== ==== Exception State ====
SWC ID: 110 SWC ID: 110
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: divisionby0(uint256) Function name: divisionby0(uint256)
PC address: 506 PC address: 506
Estimated Gas Usage: 272 - 367 Estimated Gas Usage: 272 - 367
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
-------------------- --------------------
==== Exception state ==== ==== Exception State ====
SWC ID: 110 SWC ID: 110
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: assert1() Function name: assert1()
PC address: 531 PC address: 531
Estimated Gas Usage: 268 - 363 Estimated Gas Usage: 268 - 363
A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking. A reachable exception has been detected.
It is possible to trigger an exception (opcode 0xfe). Exceptions can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. Note that explicit `assert()` should only be used to check invariants. Use `require()` for regular input checking.
-------------------- --------------------

@ -1,66 +1 @@
{ {"error": null, "issues": [{"address": 618, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "_function_0x141f32ff", "max_gas_used": 35865, "min_gas_used": 1113, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}, {"address": 618, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Use of callcode is deprecated.\nThe callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead.", "function": "_function_0x141f32ff", "max_gas_used": 1141, "min_gas_used": 389, "severity": "Medium", "sourceMap": null, "swc-id": "111", "title": "Use of callcode"}, {"address": 849, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "_function_0x9b58bc26", "max_gas_used": 35922, "min_gas_used": 1170, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}, {"address": 1038, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "A call to a user-supplied address is executed.\nThe callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state.", "function": "_function_0xeea4c864", "max_gas_used": 1223, "min_gas_used": 471, "severity": "Medium", "sourceMap": null, "swc-id": "107", "title": "External Call To User-Supplied Address"}, {"address": 1038, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "_function_0xeea4c864", "max_gas_used": 35947, "min_gas_used": 1195, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}], "success": true}
"error": null,
"issues": [
{
"address": 618,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0x141f32ff",
"max_gas_used": 35865,
"min_gas_used": 1113,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
},
{
"address": 618,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The function `_function_0x141f32ff` uses callcode. Callcode does not persist sender or value over the call. Use delegatecall instead.",
"function": "_function_0x141f32ff",
"max_gas_used": 1141,
"min_gas_used": 389,
"swc-id": "111",
"title": "Use of callcode",
"type": "Warning"
},
{
"address": 849,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0x9b58bc26",
"max_gas_used": 35922,
"min_gas_used": 1170,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
},
{
"address": 1038,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state.",
"function": "_function_0xeea4c864",
"max_gas_used": 1223,
"min_gas_used": 471,
"swc-id": "107",
"title": "External call to user-supplied address",
"type": "Warning"
},
{
"address": 1038,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "_function_0xeea4c864",
"max_gas_used": 35947,
"min_gas_used": 1195,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "Use of callcode is deprecated.", "tail": "The callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead."}, "extra": {}, "locations": [{"sourceMap": "618:1:0"}], "severity": "Medium", "swcID": "SWC-111", "swcTitle": "Use of Deprecated Solidity Functions"}, {"description": {"head": "A call to a user-supplied address is executed.", "tail": "The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state."}, "extra": {}, "locations": [{"sourceMap": "1038:1:0"}], "severity": "Medium", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "618:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "849:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "1038:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0x6daec61d05d8f1210661e7e7d1ed6d72bd6ade639398fac1e867aff50abfc1c1"], "sourceType": "raw-bytecode"}

@ -1,8 +1,8 @@
# Analysis results for test-filename.sol # Analysis results for test-filename.sol
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `_function_0x141f32ff` - Function name: `_function_0x141f32ff`
- PC address: 618 - PC address: 618
@ -10,11 +10,12 @@
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
## Use of callcode ## Use of callcode
- SWC ID: 111 - SWC ID: 111
- Type: Warning - Severity: Medium
- Contract: Unknown - Contract: Unknown
- Function name: `_function_0x141f32ff` - Function name: `_function_0x141f32ff`
- PC address: 618 - PC address: 618
@ -22,11 +23,12 @@ The return value of an external call is not checked. Note that execution continu
### Description ### Description
The function `_function_0x141f32ff` uses callcode. Callcode does not persist sender or value over the call. Use delegatecall instead. Use of callcode is deprecated.
The callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `_function_0x9b58bc26` - Function name: `_function_0x9b58bc26`
- PC address: 849 - PC address: 849
@ -34,11 +36,12 @@ The function `_function_0x141f32ff` uses callcode. Callcode does not persist sen
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
## External call to user-supplied address ## External Call To User-Supplied Address
- SWC ID: 107 - SWC ID: 107
- Type: Warning - Severity: Medium
- Contract: Unknown - Contract: Unknown
- Function name: `_function_0xeea4c864` - Function name: `_function_0xeea4c864`
- PC address: 1038 - PC address: 1038
@ -46,11 +49,12 @@ The return value of an external call is not checked. Note that execution continu
### Description ### Description
The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. A call to a user-supplied address is executed.
The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `_function_0xeea4c864` - Function name: `_function_0xeea4c864`
- PC address: 1038 - PC address: 1038
@ -58,4 +62,5 @@ The contract executes a function call with high gas to a user-supplied address.
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.

@ -1,50 +1,55 @@
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: _function_0x141f32ff Function name: _function_0x141f32ff
PC address: 618 PC address: 618
Estimated Gas Usage: 1113 - 35865 Estimated Gas Usage: 1113 - 35865
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------
==== Use of callcode ==== ==== Use of callcode ====
SWC ID: 111 SWC ID: 111
Type: Warning Severity: Medium
Contract: Unknown Contract: Unknown
Function name: _function_0x141f32ff Function name: _function_0x141f32ff
PC address: 618 PC address: 618
Estimated Gas Usage: 389 - 1141 Estimated Gas Usage: 389 - 1141
The function `_function_0x141f32ff` uses callcode. Callcode does not persist sender or value over the call. Use delegatecall instead. Use of callcode is deprecated.
The callcode method executes code of another contract in the context of the caller account. Due to a bug in the implementation it does not persist sender and value over the call. It was therefore deprecated and may be removed in the future. Use the delegatecall method instead.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: _function_0x9b58bc26 Function name: _function_0x9b58bc26
PC address: 849 PC address: 849
Estimated Gas Usage: 1170 - 35922 Estimated Gas Usage: 1170 - 35922
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------
==== External call to user-supplied address ==== ==== External Call To User-Supplied Address ====
SWC ID: 107 SWC ID: 107
Type: Warning Severity: Medium
Contract: Unknown Contract: Unknown
Function name: _function_0xeea4c864 Function name: _function_0xeea4c864
PC address: 1038 PC address: 1038
Estimated Gas Usage: 471 - 1223 Estimated Gas Usage: 471 - 1223
The contract executes a function call with high gas to a user-supplied address. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent unanticipated effects on the contract state. A call to a user-supplied address is executed.
The callee address of an external message call can be set by the caller. Note that the callee can contain arbitrary code and may re-enter any function in this contract. Review the business logic carefully to prevent averse effects on thecontract state.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: _function_0xeea4c864 Function name: _function_0xeea4c864
PC address: 1038 PC address: 1038
Estimated Gas Usage: 1195 - 35947 Estimated Gas Usage: 1195 - 35947
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------

@ -1,5 +1 @@
{ {"error": null, "issues": [], "success": true}
"error": null,
"issues": [],
"success": true
}

@ -0,0 +1 @@
{"issues": [], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": [], "sourceType": "raw-bytecode"}

@ -1,18 +1 @@
{ {"error": null, "issues": [{"address": 142, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Anyone can withdraw ETH from the contract account.\nArbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.", "function": "transfer()", "max_gas_used": 467, "min_gas_used": 186, "severity": "High", "sourceMap": null, "swc-id": "105", "title": "Unprotected Ether Withdrawal"}], "success": true}
"error": null,
"issues": [
{
"address": 142,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.",
"function": "transfer()",
"max_gas_used": 467,
"min_gas_used": 186,
"swc-id": "105",
"title": "Ether thief",
"type": "Warning"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "Anyone can withdraw ETH from the contract account.", "tail": "Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability."}, "extra": {}, "locations": [{"sourceMap": "142:1:0"}], "severity": "High", "swcID": "SWC-105", "swcTitle": "Unprotected Ether Withdrawal"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0xbc9c3d9db56d20cf4ca3b6fd88ff9215cf728a092cca1ed8edb83272b933ff5b"], "sourceType": "raw-bytecode"}

@ -1,8 +1,8 @@
# Analysis results for test-filename.sol # Analysis results for test-filename.sol
## Ether thief ## Unprotected Ether Withdrawal
- SWC ID: 105 - SWC ID: 105
- Type: Warning - Severity: High
- Contract: Unknown - Contract: Unknown
- Function name: `transfer()` - Function name: `transfer()`
- PC address: 142 - PC address: 142
@ -10,4 +10,5 @@
### Description ### Description
Anyone can withdraw ETH from the contract account.
Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability. Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.

@ -1,10 +1,11 @@
==== Ether thief ==== ==== Unprotected Ether Withdrawal ====
SWC ID: 105 SWC ID: 105
Type: Warning Severity: High
Contract: Unknown Contract: Unknown
Function name: transfer() Function name: transfer()
PC address: 142 PC address: 142
Estimated Gas Usage: 186 - 467 Estimated Gas Usage: 186 - 467
Anyone can withdraw ETH from the contract account.
Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability. Arbitrary senders other than the contract creator can withdraw ETH from the contract account without previously having sent an equivalent amount of ETH to it. This is likely to be a vulnerability.
-------------------- --------------------

@ -1,5 +1 @@
{ {"error": null, "issues": [], "success": true}
"error": null,
"issues": [],
"success": true
}

@ -0,0 +1 @@
{"issues": [], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": [], "sourceType": "raw-bytecode"}

@ -1,18 +1 @@
{ {"error": null, "issues": [{"address": 317, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "Use of tx.origin is deprecated.\nThe smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin", "function": "transferOwnership(address)", "max_gas_used": 1051, "min_gas_used": 626, "severity": "Medium", "sourceMap": null, "swc-id": "111", "title": "Use of tx.origin"}], "success": true}
"error": null,
"issues": [
{
"address": 317,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin",
"function": "transferOwnership(address)",
"max_gas_used": 1051,
"min_gas_used": 626,
"swc-id": "111",
"title": "Use of tx.origin",
"type": "Warning"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "Use of tx.origin is deprecated.", "tail": "The smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.\nSee also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin"}, "extra": {}, "locations": [{"sourceMap": "317:1:0"}], "severity": "Medium", "swcID": "SWC-111", "swcTitle": "Use of Deprecated Solidity Functions"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0x25b20ef097dfc0aa56a932c4e09f06ee02a69c005767df86877f48c6c2412f03"], "sourceType": "raw-bytecode"}

@ -2,7 +2,7 @@
## Use of tx.origin ## Use of tx.origin
- SWC ID: 111 - SWC ID: 111
- Type: Warning - Severity: Medium
- Contract: Unknown - Contract: Unknown
- Function name: `transferOwnership(address)` - Function name: `transferOwnership(address)`
- PC address: 317 - PC address: 317
@ -10,5 +10,6 @@
### Description ### Description
The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead. Use of tx.origin is deprecated.
The smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin

@ -1,11 +1,12 @@
==== Use of tx.origin ==== ==== Use of tx.origin ====
SWC ID: 111 SWC ID: 111
Type: Warning Severity: Medium
Contract: Unknown Contract: Unknown
Function name: transferOwnership(address) Function name: transferOwnership(address)
PC address: 317 PC address: 317
Estimated Gas Usage: 626 - 1051 Estimated Gas Usage: 626 - 1051
The function `transferOwnership(address)` retrieves the transaction origin (tx.origin) using the ORIGIN opcode. Use msg.sender instead. Use of tx.origin is deprecated.
The smart contract retrieves the transaction origin (tx.origin) using msg.origin. Use of msg.origin is deprecated and the instruction may be removed in the future. Use msg.sender instead.
See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin See also: https://solidity.readthedocs.io/en/develop/security-considerations.html#tx-origin
-------------------- --------------------

@ -4,24 +4,26 @@
"address": 567, "address": 567,
"contract": "Unknown", "contract": "Unknown",
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>",
"description": "This binary subtraction operation can result in integer underflow.\n", "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function": "sendeth(address,uint256)", "function": "sendeth(address,uint256)",
"max_gas_used": 1774, "max_gas_used": 1053,
"min_gas_used": 1299, "min_gas_used": 768,
"severity": "High",
"sourceMap": null,
"swc-id": "101", "swc-id": "101",
"title": "Integer Underflow", "title": "Integer Underflow"
"type": "Warning"
}, { }, {
"address": 649, "address": 649,
"contract": "Unknown", "contract": "Unknown",
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>",
"description": "This binary subtraction operation can result in integer underflow.\n", "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function": "sendeth(address,uint256)", "function": "sendeth(address,uint256)",
"max_gas_used": 1774, "max_gas_used": 1774,
"min_gas_used": 1299, "min_gas_used": 1299,
"severity": "High",
"sourceMap": null,
"swc-id": "101", "swc-id": "101",
"title": "Integer Underflow", "title": "Integer Underflow"
"type": "Warning"
}], }],
"success": true "success": true
} }

@ -0,0 +1,40 @@
{
"issues": [
{
"description": {
"head": "The binary subtraction can underflow.",
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
"extra": {},
"locations": [
{
"sourceMap": "567:1:0"
}
],
"severity": "High",
"swcID": "SWC-101",
"swcTitle": "Integer Overflow and Underflow"
},
{
"description": {
"head": "The binary subtraction can underflow.",
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
"extra": {},
"locations": [
{
"sourceMap": "649:1:0"
}
],
"severity": "High",
"swcID": "SWC-101",
"swcTitle": "Integer Overflow and Underflow"
}
],
"meta": {},
"sourceFormat": "evm-byzantium-bytecode",
"sourceList": [
"0xf230bec502569e8b7e7737616d0ad0f200c436624e3c223e5398c0615cd2d6b9"
],
"sourceType": "raw-bytecode"
}

@ -2,19 +2,20 @@
## Integer Underflow ## Integer Underflow
- SWC ID: 101 - SWC ID: 101
- Type: Warning - Severity: High
- Contract: Unknown - Contract: Unknown
- Function name: `sendeth(address,uint256)` - Function name: `sendeth(address,uint256)`
- PC address: 567 - PC address: 567
- Estimated Gas Usage: 1299 - 1774 - Estimated Gas Usage: 768 - 1053
### Description ### Description
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
## Integer Underflow ## Integer Underflow
- SWC ID: 101 - SWC ID: 101
- Type: Warning - Severity: High
- Contract: Unknown - Contract: Unknown
- Function name: `sendeth(address,uint256)` - Function name: `sendeth(address,uint256)`
- PC address: 649 - PC address: 649
@ -22,4 +23,5 @@ This binary subtraction operation can result in integer underflow.
### Description ### Description
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.

@ -1,22 +1,22 @@
==== Integer Underflow ==== ==== Integer Underflow ====
SWC ID: 101 SWC ID: 101
Type: Warning Severity: High
Contract: Unknown Contract: Unknown
Function name: sendeth(address,uint256) Function name: sendeth(address,uint256)
PC address: 567 PC address: 567
Estimated Gas Usage: 1299 - 1774 Estimated Gas Usage: 768 - 1053
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
-------------------- --------------------
==== Integer Underflow ==== ==== Integer Underflow ====
SWC ID: 101 SWC ID: 101
Type: Warning Severity: High
Contract: Unknown Contract: Unknown
Function name: sendeth(address,uint256) Function name: sendeth(address,uint256)
PC address: 649 PC address: 649
Estimated Gas Usage: 1299 - 1774 Estimated Gas Usage: 1299 - 1774
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
-------------------- --------------------

@ -1,42 +1 @@
{ {"error": null, "issues": [{"address": 196, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract executes an external message call.\nAn external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.", "function": "callchecked()", "max_gas_used": 1210, "min_gas_used": 599, "severity": "Low", "sourceMap": null, "swc-id": "107", "title": "External Call To Fixed Address"}, {"address": 285, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract executes an external message call.\nAn external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.", "function": "callnotchecked()", "max_gas_used": 1232, "min_gas_used": 621, "severity": "Low", "sourceMap": null, "swc-id": "107", "title": "External Call To Fixed Address"}, {"address": 285, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The return value of a message call is not checked.\nExternal calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.", "function": "callnotchecked()", "max_gas_used": 35950, "min_gas_used": 1339, "severity": "Low", "sourceMap": null, "swc-id": "104", "title": "Unchecked Call Return Value"}], "success": true}
"error": null,
"issues": [
{
"address": 196,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.",
"function": "callchecked()",
"max_gas_used": 1210,
"min_gas_used": 599,
"swc-id": "107",
"title": "External call",
"type": "Informational"
},
{
"address": 285,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable.",
"function": "callnotchecked()",
"max_gas_used": 1232,
"min_gas_used": 621,
"swc-id": "107",
"title": "External call",
"type": "Informational"
},
{
"address": 285,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "The return value of an external call is not checked. Note that execution continue even if the called contract throws.",
"function": "callnotchecked()",
"max_gas_used": 35950,
"min_gas_used": 1339,
"swc-id": "104",
"title": "Unchecked CALL return value",
"type": "Informational"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "The contract executes an external message call.", "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."}, "extra": {}, "locations": [{"sourceMap": "196:1:0"}], "severity": "Low", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "The contract executes an external message call.", "tail": "An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully."}, "extra": {}, "locations": [{"sourceMap": "285:1:0"}], "severity": "Low", "swcID": "SWC-107", "swcTitle": "Reentrancy"}, {"description": {"head": "The return value of a message call is not checked.", "tail": "External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states."}, "extra": {}, "locations": [{"sourceMap": "285:1:0"}], "severity": "Low", "swcID": "SWC-104", "swcTitle": "Unchecked Call Return Value"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0xb191cf6cc0d8cc37a91c9d88019cc011b932169fb5776df616e2bb9cd93b4039"], "sourceType": "raw-bytecode"}

@ -1,8 +1,8 @@
# Analysis results for test-filename.sol # Analysis results for test-filename.sol
## External call ## External Call To Fixed Address
- SWC ID: 107 - SWC ID: 107
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `callchecked()` - Function name: `callchecked()`
- PC address: 196 - PC address: 196
@ -10,11 +10,12 @@
### Description ### Description
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
## External call ## External Call To Fixed Address
- SWC ID: 107 - SWC ID: 107
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `callnotchecked()` - Function name: `callnotchecked()`
- PC address: 285 - PC address: 285
@ -22,11 +23,12 @@ The contract executes a function call to an external address. Verify that the co
### Description ### Description
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
## Unchecked CALL return value ## Unchecked Call Return Value
- SWC ID: 104 - SWC ID: 104
- Type: Informational - Severity: Low
- Contract: Unknown - Contract: Unknown
- Function name: `callnotchecked()` - Function name: `callnotchecked()`
- PC address: 285 - PC address: 285
@ -34,4 +36,5 @@ The contract executes a function call to an external address. Verify that the co
### Description ### Description
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.

@ -1,30 +1,33 @@
==== External call ==== ==== External Call To Fixed Address ====
SWC ID: 107 SWC ID: 107
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: callchecked() Function name: callchecked()
PC address: 196 PC address: 196
Estimated Gas Usage: 599 - 1210 Estimated Gas Usage: 599 - 1210
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
-------------------- --------------------
==== External call ==== ==== External Call To Fixed Address ====
SWC ID: 107 SWC ID: 107
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: callnotchecked() Function name: callnotchecked()
PC address: 285 PC address: 285
Estimated Gas Usage: 621 - 1232 Estimated Gas Usage: 621 - 1232
The contract executes a function call to an external address. Verify that the code at this address is trusted and immutable. The contract executes an external message call.
An external function call to a fixed contract address is executed. Make sure that the callee contract has been reviewed carefully.
-------------------- --------------------
==== Unchecked CALL return value ==== ==== Unchecked Call Return Value ====
SWC ID: 104 SWC ID: 104
Type: Informational Severity: Low
Contract: Unknown Contract: Unknown
Function name: callnotchecked() Function name: callnotchecked()
PC address: 285 PC address: 285
Estimated Gas Usage: 1339 - 35950 Estimated Gas Usage: 1339 - 35950
The return value of an external call is not checked. Note that execution continue even if the called contract throws. The return value of a message call is not checked.
External calls return a boolean value. If the callee contract halts with an exception, 'false' is returned and execution continues in the caller. It is usually recommended to wrap external calls into a require statement to prevent unexpected states.
-------------------- --------------------

@ -8,7 +8,7 @@
"function": "_function_0x4229616d", "function": "_function_0x4229616d",
"type": "Warning", "type": "Warning",
"address": 1599, "address": 1599,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Ether send", "title": "Ether send",
@ -16,7 +16,7 @@
"function": "_function_0xb4022950", "function": "_function_0xb4022950",
"type": "Warning", "type": "Warning",
"address": 1940, "address": 1940,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Ether send", "title": "Ether send",
@ -24,7 +24,7 @@
"function": "_function_0xb4022950", "function": "_function_0xb4022950",
"type": "Warning", "type": "Warning",
"address": 2582, "address": 2582,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Exception state", "title": "Exception state",
@ -32,7 +32,7 @@
"function": "_function_0x57d4021b", "function": "_function_0x57d4021b",
"type": "Informational", "type": "Informational",
"address": 1653, "address": 1653,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Exception state", "title": "Exception state",
@ -40,7 +40,7 @@
"function": "_function_0x9dbc4f9b", "function": "_function_0x9dbc4f9b",
"type": "Informational", "type": "Informational",
"address": 2085, "address": 2085,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -48,7 +48,7 @@
"function": "fallback", "function": "fallback",
"type": "Informational", "type": "Informational",
"address": 3111, "address": 3111,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -56,7 +56,7 @@
"function": "fallback", "function": "fallback",
"type": "Informational", "type": "Informational",
"address": 3140, "address": 3140,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -64,7 +64,7 @@
"function": "fallback", "function": "fallback",
"type": "Informational", "type": "Informational",
"address": 2950, "address": 2950,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -72,7 +72,7 @@
"function": "fallback", "function": "fallback",
"type": "Informational", "type": "Informational",
"address": 1268, "address": 1268,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -80,7 +80,7 @@
"function": "_function_0x09dfdc71", "function": "_function_0x09dfdc71",
"type": "Informational", "type": "Informational",
"address": 310, "address": 310,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -88,7 +88,7 @@
"function": "_function_0x09dfdc71", "function": "_function_0x09dfdc71",
"type": "Informational", "type": "Informational",
"address": 1316, "address": 1316,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -96,7 +96,7 @@
"function": "_function_0x253459e3", "function": "_function_0x253459e3",
"type": "Informational", "type": "Informational",
"address": 1375, "address": 1375,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -104,7 +104,7 @@
"function": "_function_0x4229616d", "function": "_function_0x4229616d",
"type": "Informational", "type": "Informational",
"address": 1511, "address": 1511,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -112,7 +112,7 @@
"function": "_function_0x57d4021b", "function": "_function_0x57d4021b",
"type": "Informational", "type": "Informational",
"address": 1679, "address": 1679,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -120,7 +120,7 @@
"function": "_function_0x6fbaaa1e", "function": "_function_0x6fbaaa1e",
"type": "Informational", "type": "Informational",
"address": 618, "address": 618,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -128,7 +128,7 @@
"function": "_function_0x8a5fb3ca", "function": "_function_0x8a5fb3ca",
"type": "Informational", "type": "Informational",
"address": 805, "address": 805,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Invariant branch condition", "title": "Invariant branch condition",
@ -136,7 +136,7 @@
"function": "_function_0x9dbc4f9b", "function": "_function_0x9dbc4f9b",
"type": "Informational", "type": "Informational",
"address": 2187, "address": 2187,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Unchecked CALL return value", "title": "Unchecked CALL return value",
@ -144,7 +144,7 @@
"function": "_function_0x4229616d", "function": "_function_0x4229616d",
"type": "Informational", "type": "Informational",
"address": 1599, "address": 1599,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Unchecked CALL return value", "title": "Unchecked CALL return value",
@ -152,7 +152,7 @@
"function": "_function_0xb4022950", "function": "_function_0xb4022950",
"type": "Informational", "type": "Informational",
"address": 1940, "address": 1940,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Unchecked CALL return value", "title": "Unchecked CALL return value",
@ -160,7 +160,7 @@
"function": "_function_0xb4022950", "function": "_function_0xb4022950",
"type": "Informational", "type": "Informational",
"address": 2582, "address": 2582,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, }
], ]
} }

@ -1,18 +1 @@
{ {"error": null, "issues": [{"address": 146, "contract": "Unknown", "debug": "<DEBUG-DATA>", "description": "The contract can be killed by anyone.\nArbitrary senders can kill this contract and withdraw its balance to their own account.", "function": "kill(address)", "max_gas_used": 263, "min_gas_used": 168, "severity": "High", "sourceMap": null, "swc-id": "106", "title": "Unprotected Selfdestruct"}], "success": true}
"error": null,
"issues": [
{
"address": 146,
"contract": "Unknown",
"debug": "<DEBUG-DATA>",
"description": "Anyone can kill this contract and withdraw its balance to their own account.",
"function": "kill(address)",
"max_gas_used": 263,
"min_gas_used": 168,
"swc-id": "106",
"title": "Unchecked SUICIDE",
"type": "Warning"
}
],
"success": true
}

@ -0,0 +1 @@
{"issues": [{"description": {"head": "The contract can be killed by anyone.", "tail": "Arbitrary senders can kill this contract and withdraw its balance to their own account."}, "extra": {}, "locations": [{"sourceMap": "146:1:0"}], "severity": "High", "swcID": "SWC-106", "swcTitle": "Unprotected SELFDESTRUCT Instruction"}], "meta": {}, "sourceFormat": "evm-byzantium-bytecode", "sourceList": ["0x2fb801366b61a05b30550481a1c8f7d5f20de0b93d9f2f2ce2b28c4e322033c9"], "sourceType": "raw-bytecode"}

@ -1,8 +1,8 @@
# Analysis results for test-filename.sol # Analysis results for test-filename.sol
## Unchecked SUICIDE ## Unprotected Selfdestruct
- SWC ID: 106 - SWC ID: 106
- Type: Warning - Severity: High
- Contract: Unknown - Contract: Unknown
- Function name: `kill(address)` - Function name: `kill(address)`
- PC address: 146 - PC address: 146
@ -10,4 +10,5 @@
### Description ### Description
Anyone can kill this contract and withdraw its balance to their own account. The contract can be killed by anyone.
Arbitrary senders can kill this contract and withdraw its balance to their own account.

@ -1,10 +1,11 @@
==== Unchecked SUICIDE ==== ==== Unprotected Selfdestruct ====
SWC ID: 106 SWC ID: 106
Type: Warning Severity: High
Contract: Unknown Contract: Unknown
Function name: kill(address) Function name: kill(address)
PC address: 146 PC address: 146
Estimated Gas Usage: 168 - 263 Estimated Gas Usage: 168 - 263
Anyone can kill this contract and withdraw its balance to their own account. The contract can be killed by anyone.
Arbitrary senders can kill this contract and withdraw its balance to their own account.
-------------------- --------------------

@ -4,24 +4,26 @@
"address": 567, "address": 567,
"contract": "Unknown", "contract": "Unknown",
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>",
"description": "This binary subtraction operation can result in integer underflow.\n", "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function": "sendeth(address,uint256)", "function": "sendeth(address,uint256)",
"max_gas_used": 1774, "max_gas_used": 1053,
"min_gas_used": 1299, "min_gas_used": 768,
"severity": "High",
"sourceMap": null,
"swc-id": "101", "swc-id": "101",
"title": "Integer Underflow", "title": "Integer Underflow"
"type": "Warning"
}, { }, {
"address": 649, "address": 649,
"contract": "Unknown", "contract": "Unknown",
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>",
"description": "This binary subtraction operation can result in integer underflow.\n", "description": "The binary subtraction can underflow.\nThe operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.",
"function": "sendeth(address,uint256)", "function": "sendeth(address,uint256)",
"max_gas_used": 1774, "max_gas_used": 1774,
"min_gas_used": 1299, "min_gas_used": 1299,
"severity": "High",
"sourceMap": null,
"swc-id": "101", "swc-id": "101",
"title": "Integer Underflow", "title": "Integer Underflow"
"type": "Warning"
}], }],
"success": true "success": true
} }

@ -0,0 +1,40 @@
{
"issues": [
{
"description": {
"head": "The binary subtraction can underflow.",
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
"extra": {},
"locations": [
{
"sourceMap": "567:1:0"
}
],
"severity": "High",
"swcID": "SWC-101",
"swcTitle": "Integer Overflow and Underflow"
},
{
"description": {
"head": "The binary subtraction can underflow.",
"tail": "The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion."
},
"extra": {},
"locations": [
{
"sourceMap": "649:1:0"
}
],
"severity": "High",
"swcID": "SWC-101",
"swcTitle": "Integer Overflow and Underflow"
}
],
"meta": {},
"sourceFormat": "evm-byzantium-bytecode",
"sourceList": [
"0xabef56740bf7795a9f8732e4781ebd27f2977f8a4997e3ff11cee79a4ba6c0ce"
],
"sourceType": "raw-bytecode"
}

@ -2,19 +2,20 @@
## Integer Underflow ## Integer Underflow
- SWC ID: 101 - SWC ID: 101
- Type: Warning - Severity: High
- Contract: Unknown - Contract: Unknown
- Function name: `sendeth(address,uint256)` - Function name: `sendeth(address,uint256)`
- PC address: 567 - PC address: 567
- Estimated Gas Usage: 1299 - 1774 - Estimated Gas Usage: 768 - 1053
### Description ### Description
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
## Integer Underflow ## Integer Underflow
- SWC ID: 101 - SWC ID: 101
- Type: Warning - Severity: High
- Contract: Unknown - Contract: Unknown
- Function name: `sendeth(address,uint256)` - Function name: `sendeth(address,uint256)`
- PC address: 649 - PC address: 649
@ -22,4 +23,5 @@ This binary subtraction operation can result in integer underflow.
### Description ### Description
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.

@ -1,22 +1,22 @@
==== Integer Underflow ==== ==== Integer Underflow ====
SWC ID: 101 SWC ID: 101
Type: Warning Severity: High
Contract: Unknown Contract: Unknown
Function name: sendeth(address,uint256) Function name: sendeth(address,uint256)
PC address: 567 PC address: 567
Estimated Gas Usage: 1299 - 1774 Estimated Gas Usage: 768 - 1053
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
-------------------- --------------------
==== Integer Underflow ==== ==== Integer Underflow ====
SWC ID: 101 SWC ID: 101
Type: Warning Severity: High
Contract: Unknown Contract: Unknown
Function name: sendeth(address,uint256) Function name: sendeth(address,uint256)
PC address: 649 PC address: 649
Estimated Gas Usage: 1299 - 1774 Estimated Gas Usage: 1299 - 1774
This binary subtraction operation can result in integer underflow. The binary subtraction can underflow.
The operands of the subtraction operation are not sufficiently constrained. The subtraction could therefore result in an integer underflow. Prevent the underflow by checking inputs or ensure sure that the underflow is caught by an assertion.
-------------------- --------------------

@ -8,7 +8,7 @@
"function": "_function_0xe9874106", "function": "_function_0xe9874106",
"type": "Warning", "type": "Warning",
"address": 1285, "address": 1285,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Ether send", "title": "Ether send",
@ -16,7 +16,7 @@
"function": "_function_0xe9874106", "function": "_function_0xe9874106",
"type": "Warning", "type": "Warning",
"address": 1285, "address": 1285,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Exception state", "title": "Exception state",
@ -24,7 +24,7 @@
"function": "fallback", "function": "fallback",
"type": "Informational", "type": "Informational",
"address": 356, "address": 356,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Exception state", "title": "Exception state",
@ -32,7 +32,7 @@
"function": "_function_0xe9874106", "function": "_function_0xe9874106",
"type": "Informational", "type": "Informational",
"address": 146, "address": 146,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, },
{ {
"title": "Transaction order dependence", "title": "Transaction order dependence",
@ -40,7 +40,7 @@
"function": "_function_0xe9874106", "function": "_function_0xe9874106",
"type": "Warning", "type": "Warning",
"address": 1285, "address": 1285,
"debug": "<DEBUG-DATA>", "debug": "<DEBUG-DATA>"
}, }
], ]
} }
Loading…
Cancel
Save